Deleted the encryption key which is stored in Azure Key Vault: how to unseal the Vault app?

We are using Azure PostgreSQL storage in the backend and Azure Key Vault for the seal. I deleted the key from the Azure Key Vault and now the pods are throwing an error stating that they are unable to unseal.

2022-05-20T10:57:46.121Z [WARN] failed to unseal core: error="fetching stored unseal keys failed: failed to decrypt keys from storage: keyvault.BaseClient#UnwrapKey: Failure responding to request: StatusCode=404 – Original Error: autorest/azure: Service returned an error. Status=404 Code=“KeyNotFound” Message=“A key with (name/id) vault-key/e8da59f430bf4781b8f8cfd1b1542582 was not found in this key vault. If you recently deleted this key you may be able to recover it using the correct recovery command. For help resolving this issue, please see Azure Key Vault recovery overview | Microsoft Docs"”

Please suggest how to re-initialize Vault.

As the error message says, if you remove the unseal key from Azure, Vault will no longer be able to unseal the database.

To get access to the data again you will need to recover that key (e.g. from a backup). There is a link with some suggestions in the error message.

Hi Stuart,

The document says that we can restore the Azure Key Vault, but it's already purged. There is no backup copy of the keys.

In which case it is no longer possible to unseal Vault.

The only option at that point would be to delete all the data in PostgreSQL and re-initialise Vault. You'd then have a new unseal key (which you really should take a backup of) and an empty Vault ready to use.