steampipe plugin install azuresteampipe plugin install azure
azure_ad_groupazure_ad_service_principalazure_ad_userazure_alert_managementazure_api_managementazure_api_management_backendazure_app_configurationazure_app_service_environmentazure_app_service_function_appazure_app_service_planazure_app_service_web_appazure_app_service_web_app_slotazure_application_gatewayazure_application_insightazure_application_security_groupazure_automation_accountazure_automation_variableazure_bastion_hostazure_batch_accountazure_cognitive_accountazure_compute_availability_setazure_compute_diskazure_compute_disk_accessazure_compute_disk_encryption_setazure_compute_disk_metric_read_opsazure_compute_disk_metric_read_ops_dailyazure_compute_disk_metric_read_ops_hourlyazure_compute_disk_metric_write_opsazure_compute_disk_metric_write_ops_dailyazure_compute_disk_metric_write_ops_hourlyazure_compute_imageazure_compute_resource_skuazure_compute_snapshotazure_compute_ssh_keyazure_compute_virtual_machineazure_compute_virtual_machine_metric_cpu_utilizationazure_compute_virtual_machine_metric_cpu_utilization_dailyazure_compute_virtual_machine_metric_cpu_utilization_hourlyazure_compute_virtual_machine_scale_setazure_compute_virtual_machine_scale_set_network_interfaceazure_compute_virtual_machine_scale_set_vmazure_consumption_usageazure_container_groupazure_container_registryazure_cosmosdb_accountazure_cosmosdb_mongo_collectionazure_cosmosdb_mongo_databaseazure_cosmosdb_restorable_database_accountazure_cosmosdb_sql_databaseazure_data_factoryazure_data_factory_datasetazure_data_factory_pipelineazure_data_lake_analytics_accountazure_data_lake_storeazure_databox_edge_deviceazure_databricks_workspaceazure_diagnostic_settingazure_dns_zoneazure_eventgrid_domainazure_eventgrid_topicazure_eventhub_namespaceazure_express_route_circuitazure_firewallazure_firewall_policyazure_frontdoorazure_hdinsight_clusterazure_healthcare_serviceazure_hpc_cacheazure_hybrid_compute_machineazure_hybrid_kubernetes_connected_clusterazure_iothubazure_iothub_dpsazure_key_vaultazure_key_vault_deleted_vaultazure_key_vault_keyazure_key_vault_key_versionazure_key_vault_managed_hardware_security_moduleazure_key_vault_secretazure_kubernetes_clusterazure_kubernetes_service_versionazure_kusto_clusterazure_lbazure_lb_backend_address_poolazure_lb_nat_ruleazure_lb_outbound_ruleazure_lb_probeazure_lb_ruleazure_locationazure_log_alertazure_log_profileazure_logic_app_workflowazure_machine_learning_workspaceazure_management_groupazure_management_lockazure_mariadb_serverazure_monitor_activity_log_eventazure_monitor_log_profileazure_mssql_elasticpoolazure_mssql_managed_instanceazure_mssql_virtual_machineazure_mysql_flexible_serverazure_mysql_serverazure_nat_gatewayazure_network_interfaceazure_network_security_groupazure_network_watcherazure_network_watcher_flow_logazure_policy_assignmentazure_policy_definitionazure_postgresql_flexible_serverazure_postgresql_serverazure_private_dns_zoneazure_providerazure_public_ipazure_recovery_services_backup_jobazure_recovery_services_vaultazure_redis_cacheazure_resource_groupazure_resource_linkazure_role_assignmentazure_role_definitionazure_route_tableazure_search_serviceazure_security_center_auto_provisioningazure_security_center_automationazure_security_center_contactazure_security_center_jit_network_access_policyazure_security_center_settingazure_security_center_sub_assessmentazure_security_center_subscription_pricingazure_service_fabric_clusterazure_servicebus_namespaceazure_signalr_serviceazure_spring_cloud_serviceazure_sql_databaseazure_sql_serverazure_storage_accountazure_storage_blobazure_storage_blob_serviceazure_storage_containerazure_storage_queueazure_storage_share_fileazure_storage_syncazure_storage_tableazure_storage_table_serviceazure_stream_analytics_jobazure_subnetazure_subscriptionazure_synapse_workspaceazure_tenantazure_virtual_networkazure_virtual_network_gateway

Table: azure_key_vault_deleted_vault - Query Azure Key Vaults using SQL

Azure Key Vault is a cloud service for securely storing and accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, or cryptographic keys. Azure Key Vault handles requesting and renewing Transport Layer Security (TLS) certificates.

Table Usage Guide

The azure_key_vault_deleted_vault table provides insights into the deleted vaults within Azure Key Vault. As a security analyst, explore vault-specific details through this table, including deletion dates, recovery levels, and associated metadata. Utilize it to uncover information about deleted vaults, such as their scheduled purge dates, recovery ids, and the geographical location of the vaults.

Examples

Basic info

Discover the segments that have been deleted from your Azure Key Vault, including when they were deleted and when they are scheduled for permanent removal. This can be useful for auditing purposes, ensuring data integrity, and managing your digital assets.

select
name,
id,
type,
deletion_date,
scheduled_purge_date
from
azure_key_vault_deleted_vault;
select
name,
id,
type,
deletion_date,
scheduled_purge_date
from
azure_key_vault_deleted_vault;

List deleted vaults with scheduled purge date more than 1 day

Explore which Azure Key Vaults have been deleted but are scheduled for purge after more than one day. This can be useful for reviewing and managing your data retention and recovery strategies.

select
name,
id,
type,
deletion_date,
scheduled_purge_date
from
azure_key_vault_deleted_vault
where
scheduled_purge_date > (current_date - interval '1' day);
select
name,
id,
type,
deletion_date,
scheduled_purge_date
from
azure_key_vault_deleted_vault
where
date(scheduled_purge_date) > date('now', '-1 day');

Control examples

Schema for azure_key_vault_deleted_vault

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
cloud_environmenttextThe Azure Cloud Environment.
deletion_datetimestamp with time zoneThe deleted date of the vault.
idtextContains ID to identify a deleted vault uniquely.
nametext=The friendly name that identifies the deleted vault.
regiontext=The Azure region/location in which the resource is located.
resource_grouptextThe resource group which holds this resource.
scheduled_purge_datetimestamp with time zoneThe scheduled purged date of the vault.
subscription_idtextThe Azure Subscription ID in which the resource is located.
tagsjsonbA map of tags for the resource.
titletextTitle of the resource.
typetextType of the resource.
vault_idtextThe resource id of the original vault.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azure

You can pass the configuration to the command with the --config argument:

steampipe_export_azure --config '<your_config>' azure_key_vault_deleted_vault