AzPolicyAdvertizer

last sync: 2025-Sep-18 17:23:10 UTC

KeyVault SoftDelete should be enabled

Azure Landing Zones (ALZ) Policy definition

Source Repository Azure Landing Zones (ALZ) GitHub
JSON Append-KV-SoftDelete
Deploy policy Append-KV-SoftDelete (1.0.0) to Azure
Display name KeyVault SoftDelete should be enabled
Id Append-KV-SoftDelete
Version 1.0.0
Details on versioning
Category Key Vault
Description This policy enables you to ensure when a Key Vault is created with out soft delete enabled it will be added.
Cloud environments AzureChinaCloud
AzureCloud
AzureUSGovernment
Mode Indexed
Type Custom Azure Landing Zones (ALZ)
Preview False
Deprecated False
Effect Fixed
append
RBAC role(s) none
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.KeyVault/vaults/enableSoftDelete Microsoft.KeyVault vaults properties.enableSoftDelete True True
THEN-Details (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.KeyVault/vaults/enableSoftDelete Microsoft.KeyVault vaults properties.enableSoftDelete True True
Rule resource types IF (1)
Microsoft.KeyVault/vaults
Initiatives usage none
History none
JSON compare n/a
JSON
EPAC
Deploy policy Append-KV-SoftDelete (1.0.0) to Azure