From 319dc6447271f8b86a2fcbfba894b38e014adac7 Mon Sep 17 00:00:00 2001 From: nerda-codes Date: Tue, 15 Apr 2025 17:39:31 +0200 Subject: [PATCH 1/2] docs(sem): add secret deletion --- menu/navigation.json | 12 ++++- pages/secret-manager/concepts.mdx | 14 ++++-- pages/secret-manager/faq.mdx | 4 +- pages/secret-manager/how-to/delete-secret.mdx | 19 ++++---- .../secret-manager/how-to/delete-version.mdx | 12 +++-- .../secret-manager/how-to/recover-secrets.mdx | 48 +++++++++++++++++++ .../secret-manager/how-to/recover-version.mdx | 38 +++++++++++++++ 7 files changed, 125 insertions(+), 22 deletions(-) create mode 100644 pages/secret-manager/how-to/recover-secrets.mdx create mode 100644 pages/secret-manager/how-to/recover-version.mdx diff --git a/menu/navigation.json b/menu/navigation.json index 6d6867bb14..e347a21d35 100644 --- a/menu/navigation.json +++ b/menu/navigation.json @@ -576,12 +576,20 @@ "slug": "manage-version" }, { - "label": "Delete a secret", + "label": "Schedule a secret deletion", "slug": "delete-secret" }, { - "label": "Delete a version", + "label": "Schedule a version deletion", "slug": "delete-version" + }, + { + "label": "Recover secrets scheduled for deletion", + "slug": "recover-secrets" + }, + { + "label": "Recover a version scheduled for deletion", + "slug": "recover-version" } ], "label": "How to", diff --git a/pages/secret-manager/concepts.mdx b/pages/secret-manager/concepts.mdx index 7b2fb3b61e..d00c70eda5 100644 --- a/pages/secret-manager/concepts.mdx +++ b/pages/secret-manager/concepts.mdx @@ -7,7 +7,7 @@ content: paragraph: Discover essential concepts of Scaleway Secret Manager, including secret versioning, ephemeral policies, and path management. tags: secret-manager secret version dates: - validation: 2025-01-13 + validation: 2025-04-15 --- ## Disabling a version @@ -109,12 +109,18 @@ Secret types refer to the different kinds of sensitive data you can store with S Upon secret creation, you must choose a secret type that will also be applied to the secret version. All the secret's subsequent versions must be of the same type. +## Scheduled deletion + +Scheduled deletion lets you mark a secret and its versions for deletion ahead of time. Instead of immediate deletion, the secret enters a 7-day pending deletion period, during which you can still [recover it](/secret-manager/how-to/recover-secrets/). + +During this time, you can read secret versions but cannot edit, access, or delete them. After the retention period, the secret and all its versions are permanently deleted. You can also schedule a secret version for deletion without impacting the secret associated with the version. + +Recovering deleted secrets is billed €0.01 per version associated with the secret. + ## Tag Tags allow you to organize your secrets. This gives you the possibility of sorting and filtering your secrets in any organizational pattern of your choice, which in turn helps you arrange, control, and monitor your secrets. ## Version -Versions store the data contained in your secret (API keys, passwords, or certificates). Versions can be [**enabled**](#enabling-a-version) or [**disabled**](#disabling-a-version) depending on your usage. Versions must be of the same type as the secret they belong to. - - +Versions store the data contained in your secret (API keys, passwords, or certificates). Versions can be [**enabled**](#enabling-a-version) or [**disabled**](#disabling-a-version) depending on your usage. Versions must be of the same type as the secret they belong to. \ No newline at end of file diff --git a/pages/secret-manager/faq.mdx b/pages/secret-manager/faq.mdx index e8ce9f71be..a5de3b9052 100644 --- a/pages/secret-manager/faq.mdx +++ b/pages/secret-manager/faq.mdx @@ -5,7 +5,7 @@ meta: content: h1: Secret Manager FAQ dates: - validation: 2025-04-01 + validation: 2025-04-15 category: identity-and-access-management productIcon: SecretManagerProductIcon --- @@ -40,3 +40,5 @@ To understand the secrets encryption process, refer to our [related documentatio At the end of the month, you are billed for the number of secret versions stored and API requests made on the service. A secret version is billed if it is in an enabled or disabled state. If, for example, you have used a secret version for five days, you will only be billed for the five days and not for the whole month. Find out more about pricing on our [dedicated page](https://www.scaleway.com/en/pricing/?tags=available). + +Recovering secrets [scheduled for deletion](/secret-manager/concepts/#scheduled-deletion) is billed €0.01 per version associated with the secret. \ No newline at end of file diff --git a/pages/secret-manager/how-to/delete-secret.mdx b/pages/secret-manager/how-to/delete-secret.mdx index 738f2581a7..3dd91e784c 100644 --- a/pages/secret-manager/how-to/delete-secret.mdx +++ b/pages/secret-manager/how-to/delete-secret.mdx @@ -5,15 +5,17 @@ meta: content: h1: How to delete a secret paragraph: Discover how to securely delete secrets using Scaleway's intuitive console. Follow these steps to manage your sensitive data effectively. -tags: secret sensitive-data storage-system +tags: secret sensitive-data storage-system schedule-deletion dates: - validation: 2025-03-14 + validation: 2025-04-15 posted: 2023-02-21 categories: - identity-and-access-management --- -This page explains how to delete a [secret](/secret-manager/concepts/#secret) using the [Scaleway console](https://console.scaleway.com). You **cannot delete protected secrets**, i.e. secrets to which you have applied [secret protection](/secret-manager/concepts/#secret-protection). +This page explains how to [schedule a secret deletion](/secret-manager/concepts/#scheduled-deletion) using the [Scaleway console](https://console.scaleway.com). You **cannot delete protected secrets**, i.e. secrets to which you have applied [secret protection](/secret-manager/concepts/#secret-protection). + +Once you schedule a secret for deletion, it enters a 7 day pending deletion period, during which you can still [recover it](/secret-manager/how-to/recover-secrets/). After this retention period, the secret and all its versions are permanently deleted. @@ -25,13 +27,10 @@ This page explains how to delete a [secret](/secret-manager/concepts/#secret) us 1. Click **Secret Manager** in the **Security and Identity** section of the [Scaleway console](https://console.scaleway.com/) side menu. 2. Select the [region](/secret-manager/concepts/#region) in which to delete the secret, in the **Region** drop-down. -3. Access the secret you wish to delete. The secret's **Overview** tab displays. -4. Scroll down and click **Delete secret**. A pop-up displays. -5. Type **DELETE** and click **Delete secret**. +3. Click next to the secret you want to delete and click **Delete**. A pop-up displays informing you that the action schedules the deletion of your secret and its version. +4. Type **DELETE** and click **Delete secret** to confirm. Your secret displays in the **Scheduled for deletion** tab for a period of 7 days before being permanently deleted. - - Although you cannot delete a [protected secret](/secret-manager/concepts/#secret-protection), you can delete its versions - - Deleting a secret is a permanent action. It erases every version you have created for your secret + - Although you cannot delete a [protected secret](/secret-manager/concepts/#secret-protection), you can delete its versions. + - Deleting a secret is a permanent action. It erases every version you have created for your secret if you do not [recover it](/secret-manager/how-to/recover-secrets/) before the end of the retention period. - - diff --git a/pages/secret-manager/how-to/delete-version.mdx b/pages/secret-manager/how-to/delete-version.mdx index 67eb94df2e..a6867897d0 100644 --- a/pages/secret-manager/how-to/delete-version.mdx +++ b/pages/secret-manager/how-to/delete-version.mdx @@ -7,13 +7,15 @@ content: paragraph: Learn how to securely delete versions of secrets using the Scaleway console. Follow these steps to effectively manage your sensitive data. tags: sensitive-data storage-system api-key dates: - validation: 2025-03-14 + validation: 2025-04-15 posted: 2023-02-21 categories: - identity-and-access-management --- -This page explains how to delete a secret [version](/secret-manager/concepts/#version) using the [Scaleway console](https://console.scaleway.com). +This page explains how to [schedule](/secret-manager/concepts/#scheduled-deletion) a [version](/secret-manager/concepts/#version) deletion using the [Scaleway console](https://console.scaleway.com). + +Once you schedule a version for deletion, it enters a 7 day pending deletion period, during which you can still [recover it](/secret-manager/how-to/recover-version/). After this retention period, the version is permanently deleted. @@ -27,11 +29,11 @@ This page explains how to delete a secret [version](/secret-manager/concepts/#ve 3. Access the secret for which you want to delete the version. Your secret's **Overview** tab displays. 4. Click the **Versions** tab. 5. Click next to the version you want to delete. -6. Click **Delete**. A pop-up displays. -7. Type **DELETE** and click **Delete version**. +6. Click **Delete**. A pop-up displays informating you that the action schedules the deletion of your version. +7. Type **DELETE** and click **Delete version**. Your version enters the **Scheduled for deletion** status for a period of 7 days before being permanently deleted. - Deleting a version is permanent. You will not be able to use the version again. + Deleting a version is permanent. You will not be able to use the version again if you do not [recover it](/secret-manager/how-to/recover-version/) before the end of the retention period. diff --git a/pages/secret-manager/how-to/recover-secrets.mdx b/pages/secret-manager/how-to/recover-secrets.mdx new file mode 100644 index 0000000000..6b9f8e3956 --- /dev/null +++ b/pages/secret-manager/how-to/recover-secrets.mdx @@ -0,0 +1,48 @@ +--- +meta: + title: How to recover secrets scheduled for deletion + description: Recover secrets scheduled for deletion in the Scaleway console before they are permanently removed. +content: + h1: How to recover secrets scheduled for deletion + paragraph: Recover secrets scheduled for deletion in the Scaleway console before they are permanently removed. +tags: secret sensitive-data scheduled-deletion recover-secret +dates: + validation: 2025-04-15 + posted: 2025-04-15 +categories: + - identity-and-access-management +--- + +This page shows you how to recover secrets scheduled for deletion using the Scaleway [console](https://console.scaleway.com). Once you schedule a secret for deletion, it enters a 7 day pending deletion period, during which you can still recover it. +After this retention period, the secret and all its versions are permanently deleted. + + + Scheduled deletion deletes ephemeral secrets and their versions immediately. + + + + +- A Scaleway account logged into the [console](https://console.scaleway.com) +- [Owner](/iam/concepts/#owner) status or [IAM permissions](/iam/concepts/#permission) allowing you to perform actions in the intended Organization +- Created a [secret](/secret-manager/how-to/create-secret/) +- Scheduled secrets for deletion + +## How to recover one secret + +1. Click **Secret Manager** in the **Security and Identity** section of the [Scaleway console](https://console.scaleway.com/) side menu. +2. Select the [region](/secret-manager/concepts/#region) in which to recover the secret, in the **Region** drop-down. +3. Click the **Scheduled for deletion** tab. Your secrets display. +4. Click next to the secret you want to recover and click **Recover**. A pop-up displays with the estimated cost for recovering the secret. + + Recovering a secret is billed €0.01 per version associated with the secret. + +5. Click **Recover secret** to confirm. Your secret displays in the **Secrets** tab. + +## How to recover several secrets + +1. Click **Secret Manager** in the **Security and Identity** section of the [Scaleway console](https://console.scaleway.com/) side menu. +2. Select the [region](/secret-manager/concepts/#region) in which to recover the secret, in the **Region** drop-down. +3. Click the **Scheduled for deletion** tab. Your secrets display. +4. Tick the checkbox next to **Name** to select all the secrets you want to recover. +5. Click the circular arrow to recover the selected secrets. +6. Check the estimated cost and click **Recover secrets** to confirm. \ No newline at end of file diff --git a/pages/secret-manager/how-to/recover-version.mdx b/pages/secret-manager/how-to/recover-version.mdx new file mode 100644 index 0000000000..cf36b40872 --- /dev/null +++ b/pages/secret-manager/how-to/recover-version.mdx @@ -0,0 +1,38 @@ +--- +meta: + title: How to recover a version scheduled for deletion + description: Recover a version scheduled for deletion in the Scaleway console before it is permanently removed. +content: + h1: How to recover a version scheduled for deletion + paragraph: Recover a version scheduled for deletion in the Scaleway console before it is permanently removed. +tags: secret sensitive-data scheduled-deletion recover-version +dates: + validation: 2025-04-15 + posted: 2025-04-15 +categories: + - identity-and-access-management +--- + +This page shows you how to recover a version scheduled for deletion using the Scaleway [console](https://console.scaleway.com). Once you schedule a version for deletion, it enters a 7 day pending deletion period, during which you can still recover it. +After this retention period, the version is permanently deleted. + + + Scheduled deletion deletes ephemeral secrets and their versions immediately. + + + + +- A Scaleway account logged into the [console](https://console.scaleway.com) +- [Owner](/iam/concepts/#owner) status or [IAM permissions](/iam/concepts/#permission) allowing you to perform actions in the intended Organization +- Created a [version](/secret-manager/how-to/create-version/) +- Scheduled a version for deletion + +1. Click **Secret Manager** in the **Security and Identity** section of the [Scaleway console](https://console.scaleway.com/) side menu. +2. Select the [region](/secret-manager/concepts/#region) in which to recover the version, in the **Region** drop-down. +3. Access the secret for which you want to recover the version. Your secret's **Overview** tab displays. +4. Click the **Versions** tab. +5. Click next to the version you want to recover, and click **Recover**. A pop-up displays with the estimated cost for recovering the version. + + Recovering a version is billed €0.01. + +6. Click **Recover version** to confirm. You version displays in the **Versions** tab with the same status as before the scheduled deletion. \ No newline at end of file From 151ec9393f988fc100561b342b8dbd5a3a40c338 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?N=C3=A9da?= <87707325+nerda-codes@users.noreply.github.com> Date: Tue, 15 Apr 2025 18:01:49 +0200 Subject: [PATCH 2/2] Apply suggestions from code review Co-authored-by: Jessica <113192637+jcirinosclwy@users.noreply.github.com> --- pages/secret-manager/how-to/delete-secret.mdx | 2 +- pages/secret-manager/how-to/delete-version.mdx | 2 +- pages/secret-manager/how-to/recover-secrets.mdx | 4 ++-- pages/secret-manager/how-to/recover-version.mdx | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/pages/secret-manager/how-to/delete-secret.mdx b/pages/secret-manager/how-to/delete-secret.mdx index 3dd91e784c..072818d113 100644 --- a/pages/secret-manager/how-to/delete-secret.mdx +++ b/pages/secret-manager/how-to/delete-secret.mdx @@ -15,7 +15,7 @@ categories: This page explains how to [schedule a secret deletion](/secret-manager/concepts/#scheduled-deletion) using the [Scaleway console](https://console.scaleway.com). You **cannot delete protected secrets**, i.e. secrets to which you have applied [secret protection](/secret-manager/concepts/#secret-protection). -Once you schedule a secret for deletion, it enters a 7 day pending deletion period, during which you can still [recover it](/secret-manager/how-to/recover-secrets/). After this retention period, the secret and all its versions are permanently deleted. +Once you schedule a secret for deletion, it enters a 7-day pending deletion period, during which you can still [recover it](/secret-manager/how-to/recover-secrets/). After this retention period, the secret and all its versions are permanently deleted. diff --git a/pages/secret-manager/how-to/delete-version.mdx b/pages/secret-manager/how-to/delete-version.mdx index a6867897d0..da2ef80afa 100644 --- a/pages/secret-manager/how-to/delete-version.mdx +++ b/pages/secret-manager/how-to/delete-version.mdx @@ -15,7 +15,7 @@ categories: This page explains how to [schedule](/secret-manager/concepts/#scheduled-deletion) a [version](/secret-manager/concepts/#version) deletion using the [Scaleway console](https://console.scaleway.com). -Once you schedule a version for deletion, it enters a 7 day pending deletion period, during which you can still [recover it](/secret-manager/how-to/recover-version/). After this retention period, the version is permanently deleted. +Once you schedule a version for deletion, it enters a 7-day pending deletion period, during which you can still [recover it](/secret-manager/how-to/recover-version/). After this retention period, the version is permanently deleted. diff --git a/pages/secret-manager/how-to/recover-secrets.mdx b/pages/secret-manager/how-to/recover-secrets.mdx index 6b9f8e3956..f0c7a339ad 100644 --- a/pages/secret-manager/how-to/recover-secrets.mdx +++ b/pages/secret-manager/how-to/recover-secrets.mdx @@ -13,7 +13,7 @@ categories: - identity-and-access-management --- -This page shows you how to recover secrets scheduled for deletion using the Scaleway [console](https://console.scaleway.com). Once you schedule a secret for deletion, it enters a 7 day pending deletion period, during which you can still recover it. +This page shows you how to recover secrets scheduled for deletion using the Scaleway [console](https://console.scaleway.com). Once you schedule a secret for deletion, it enters a 7-day pending deletion period, during which you can still recover it. After this retention period, the secret and all its versions are permanently deleted. @@ -32,7 +32,7 @@ After this retention period, the secret and all its versions are permanently del 1. Click **Secret Manager** in the **Security and Identity** section of the [Scaleway console](https://console.scaleway.com/) side menu. 2. Select the [region](/secret-manager/concepts/#region) in which to recover the secret, in the **Region** drop-down. 3. Click the **Scheduled for deletion** tab. Your secrets display. -4. Click next to the secret you want to recover and click **Recover**. A pop-up displays with the estimated cost for recovering the secret. +4. Click next to the secret you want to recover and click **Recover**. A pop-up displays the estimated cost of recovering the secret. Recovering a secret is billed €0.01 per version associated with the secret. diff --git a/pages/secret-manager/how-to/recover-version.mdx b/pages/secret-manager/how-to/recover-version.mdx index cf36b40872..ec2dfd5a33 100644 --- a/pages/secret-manager/how-to/recover-version.mdx +++ b/pages/secret-manager/how-to/recover-version.mdx @@ -13,7 +13,7 @@ categories: - identity-and-access-management --- -This page shows you how to recover a version scheduled for deletion using the Scaleway [console](https://console.scaleway.com). Once you schedule a version for deletion, it enters a 7 day pending deletion period, during which you can still recover it. +This page shows you how to recover a version scheduled for deletion using the Scaleway [console](https://console.scaleway.com). Once you schedule a version for deletion, it enters a 7-day pending deletion period, during which you can still recover it. After this retention period, the version is permanently deleted. @@ -31,7 +31,7 @@ After this retention period, the version is permanently deleted. 2. Select the [region](/secret-manager/concepts/#region) in which to recover the version, in the **Region** drop-down. 3. Access the secret for which you want to recover the version. Your secret's **Overview** tab displays. 4. Click the **Versions** tab. -5. Click next to the version you want to recover, and click **Recover**. A pop-up displays with the estimated cost for recovering the version. +5. Click next to the version you want to recover, and click **Recover**. A pop-up displays the estimated cost of recovering the version. Recovering a version is billed €0.01.