Share via

@azure/keyvault-secrets package

  • Reference

Classes

SecretClient

The SecretClient provides methods to manage KeyVaultSecret in the Azure Key Vault. The client supports creating, retrieving, updating, deleting, purging, backing up, restoring and listing KeyVaultSecrets. The client also supports listing DeletedSecret for a soft-delete enabled Azure Key Vault.

Interfaces

BackupSecretOptions

Options for <xref:backupSecretOptions>.
BeginDeleteSecretOptions

An interface representing the optional parameters that can be passed to beginDeleteSecret(string, BeginDeleteSecretOptions)
BeginRecoverDeletedSecretOptions

An interface representing the optional parameters that can be passed to beginRecoverDeletedSecret(string, BeginRecoverDeletedSecretOptions)
DeletedSecret

An interface representing a deleted KeyVault Secret.
GetDeletedSecretOptions

Options for getDeletedSecret(string, GetDeletedSecretOptions).
GetSecretOptions

Options for getSecret(string, GetSecretOptions).
KeyVaultSecret

An interface representing a KeyVault Secret, with its name, value and SecretProperties.
KeyVaultSecretIdentifier

Represents the segments that compose a Key Vault Secret Id.
ListDeletedSecretsOptions

Options for listDeletedSecrets(ListDeletedSecretsOptions).
ListPropertiesOfSecretVersionsOptions

Options for listPropertiesOfSecretVersions(string, ListPropertiesOfSecretVersionsOptions).
ListPropertiesOfSecretsOptions

Options for listPropertiesOfSecrets(ListPropertiesOfSecretsOptions).
PageSettings

An interface that tracks the settings for paged iteration
PagedAsyncIterableIterator

An interface that allows async iterable iteration both to completion and by page.
PollOperationState

PollOperationState contains an opinionated list of the smallest set of properties needed to define any long running operation poller.

While the Poller class works as the local control mechanism to start triggering, wait for, and potentially cancel a long running operation, the PollOperationState documents the status of the remote long running operation.

It should be updated at least when the operation starts, when it's finished, and when it's cancelled. Though, implementations can have any other number of properties that can be updated by other reasons.
PollerLike

Abstract representation of a poller, intended to expose just the minimal API that the user needs to work with.
PurgeDeletedSecretOptions

Options for purgeDeletedSecret(string, PurgeDeletedSecretOptions).
RestoreSecretBackupOptions

Options for restoreSecretBackup(Uint8Array, RestoreSecretBackupOptions).
SecretClientOptions

The optional parameters accepted by the KeyVault's KeyClient
SecretPollerOptions

An interface representing the optional parameters that can be passed to beginDeleteSecret(string, BeginDeleteSecretOptions) and <xref:beginRecoverDeletedKey>.
SecretProperties

An interface representing the properties of a KeyVaultSecret.
SetSecretOptions

Options for setSecret(string, string, SetSecretOptions).
UpdateSecretPropertiesOptions

Options for updateSecretProperties(string, string, UpdateSecretPropertiesOptions).

Type Aliases

DeletionRecoveryLevel

Defines values for DeletionRecoveryLevel.
KnownDeletionRecoveryLevel can be used interchangeably with DeletionRecoveryLevel, this enum contains the known values that the service supports.

Known values supported by the service

Purgeable: Denotes a vault state in which deletion is an irreversible operation, without the possibility for recovery. This level corresponds to no protection being available against a Delete operation; the data is irretrievably lost upon accepting a Delete operation at the entity level or higher (vault, resource group, subscription etc.)
Recoverable+Purgeable: Denotes a vault state in which deletion is recoverable, and which also permits immediate and permanent deletion (i.e. purge). This level guarantees the recoverability of the deleted entity during the retention interval (90 days), unless a Purge operation is requested, or the subscription is cancelled. System wil permanently delete it after 90 days, if not recovered
Recoverable: Denotes a vault state in which deletion is recoverable without the possibility for immediate and permanent deletion (i.e. purge). This level guarantees the recoverability of the deleted entity during the retention interval(90 days) and while the subscription is still available. System wil permanently delete it after 90 days, if not recovered
Recoverable+ProtectedSubscription: Denotes a vault and subscription state in which deletion is recoverable within retention interval (90 days), immediate and permanent deletion (i.e. purge) is not permitted, and in which the subscription itself cannot be permanently canceled. System wil permanently delete it after 90 days, if not recovered
CustomizedRecoverable+Purgeable: Denotes a vault state in which deletion is recoverable, and which also permits immediate and permanent deletion (i.e. purge when 7<= SoftDeleteRetentionInDays < 90). This level guarantees the recoverability of the deleted entity during the retention interval, unless a Purge operation is requested, or the subscription is cancelled.
CustomizedRecoverable: Denotes a vault state in which deletion is recoverable without the possibility for immediate and permanent deletion (i.e. purge when 7<= SoftDeleteRetentionInDays < 90).This level guarantees the recoverability of the deleted entity during the retention interval and while the subscription is still available.
CustomizedRecoverable+ProtectedSubscription: Denotes a vault and subscription state in which deletion is recoverable, immediate and permanent deletion (i.e. purge) is not permitted, and in which the subscription itself cannot be permanently canceled when 7<= SoftDeleteRetentionInDays < 90. This level guarantees the recoverability of the deleted entity during the retention interval, and also reflects the fact that the subscription itself cannot be cancelled.

Enums

KnownDeletionRecoveryLevel

Known values of DeletionRecoveryLevel that the service accepts.

Functions

parseKeyVaultSecretIdentifier(string)

Parses the given Key Vault Secret Id. An example is:

https://.vault.azure.net/secrets//

On parsing the above Id, this function returns:

  {
     sourceId: "https://<keyvault-name>.vault.azure.net/secrets/<secret-name>/<unique-version-id>",
     vaultUrl: "https://<keyvault-name>.vault.azure.net",
     version: "<unique-version-id>",
     name: "<secret-name>"
  }

Function Details

parseKeyVaultSecretIdentifier(string)

Parses the given Key Vault Secret Id. An example is:

https://.vault.azure.net/secrets//

On parsing the above Id, this function returns:

  {
     sourceId: "https://<keyvault-name>.vault.azure.net/secrets/<secret-name>/<unique-version-id>",
     vaultUrl: "https://<keyvault-name>.vault.azure.net",
     version: "<unique-version-id>",
     name: "<secret-name>"
  }

function parseKeyVaultSecretIdentifier(id: string): KeyVaultSecretIdentifier

Parameters

id

string

The Id of the Key Vault Secret.

Returns

KeyVaultSecretIdentifier