Key vault soft delete vs purge behaviors

I need to support some scenarios around key vault where I need to ensure that once a key vault is deleted it cannot be restored. This is to ensure that secrets in the vault are not inadvertently disclosed to a different vault user.

Does the Azure Terraform Provider have any tools to change the behavior for dealing with soft deleted key vaults? I’m hoping to find options to

  • Ensure a key vault is not created by restoring a soft deleted vault
  • Purge a key vault after soft deleting

Either one of these would fulfill my use case. Both would be best.