# How to resolve Sprinto check to ensure key vaults are recoverable

### About:

Sprinto check: Ensure the Key Vault is Recoverable

The above-mentioned Sprinto check verifies that the recovery option is enabled for your Azure Key Vaults. The recovery option allows you to recover a deleted Key Vault and its contents within a specified retention period, protecting against accidental or malicious deletion.

### Purpose:

This check ensures that you have a safeguard in place to recover your Key Vaults and their contents in case of accidental or malicious deletion. By enabling the recovery option, you can mitigate the risk of data loss and ensure the availability of your cryptographic keys, secrets, and certificates, even if the Key Vault is deleted.

### How to fix this check:

Follow the below steps to resolve this check:

#### Before you begin

* Ensure you have the administrator privilege to manage Azure Key Vault settings.

#### Enabling Key Vault Recovery

1. Log in to the [Azure portal](https://azure.microsoft.com/en-in/get-started/azure-portal) using your credentials.
2. Navigate to the Key Vaults service.
3. Select the key vault from the list to review the configuration.
4. Click on Properties under Settings from the left-side navigation bar.
5. Ensure you have the following configuration status:
   * Soft-delete: Soft delete is enabled on this key vault
   * Purge protection: Enabled purge protection. If it is disabled, you can enable it and save the changes.<br>

     <figure><img src="https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/72098969660/original/bTFSxVAOEtj5jN1sPzN-0Gkcxc3w_5XKAw.png?1716371766" alt="" width="563"><figcaption></figcaption></figure>
6. Repeat the above steps for all key vaults that stores critical organizational data.

Sprinto will detect the configuration change and set the check status to "Passing.”

Contact Sprinto support if you have any queries related to the check or need assistance.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sprinto.com/monitors/cloud-and-infrastructure-monitoring/azure/how-to-resolve-sprinto-check-to-ensure-key-vaults-are-recoverable.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.