This page tracks which Azure Key Vault REST API operations are implemented in Topaz, split by control plane (ARM resource management) and data plane (secrets, keys, certificates served on port 8898).
Legend
| Symbol | Meaning |
|---|
| ✅ | Implemented |
| ❌ | Not implemented |
Control Plane
The control plane covers ARM operations available under management.azure.com — creating and managing vault resources.
Vaults
REST reference
| Operation | Status | Notes |
|---|
| Check Name Availability | ✅ | |
| Create Or Update | ✅ | |
| Delete | ✅ | |
| Get | ✅ | |
| Get Deleted | ✅ | |
| List | ✅ | Via GET /subscriptions/{id}/resources?$filter=... |
| List By Resource Group | ✅ | |
| List By Subscription | ✅ | |
| List Deleted | ✅ | |
| Purge Deleted | ✅ | |
| Update | ✅ | PATCH |
| Update Access Policy | ✅ | |
Private Endpoint Connections
REST reference
| Operation | Status |
|---|
| Delete | ❌ |
| Get | ❌ |
| List By Resource | ❌ |
| Put | ❌ |
Private Link Resources
REST reference
| Operation | Status |
|---|
| List By Vault | ❌ |
Data Plane
The data plane covers operations served directly from the vault's own hostname (e.g. <vault-name>.vault.azure.net) on port 8898 in Topaz. Only Secrets are partially implemented; Keys and Certificates are not emulated.
Secrets
REST reference
| Operation | Status | Notes |
|---|
| Set Secret | ✅ | PUT /secrets/{secretName} |
| Get Secret | ✅ | By name and by name + version |
| Get Secrets | ✅ | Lists all secrets in the vault |
| Delete Secret | ✅ | |
| Update Secret | ✅ | PATCH /secrets/{secretName}/{secretVersion} |
| Get Secret Versions | ✅ | |
| Backup Secret | ✅ | |
| Restore Secret | ✅ | |
| Get Deleted Secret | ✅ | |
| Get Deleted Secrets | ✅ | |
| Recover Deleted Secret | ✅ | |
| Purge Deleted Secret | ✅ | |
Keys
REST reference
| Operation | Status |
|---|
| Create Key | ❌ |
| Import Key | ❌ |
| Get Key | ❌ |
| Get Keys | ❌ |
| Get Key Versions | ❌ |
| Update Key | ❌ |
| Delete Key | ❌ |
| Backup Key | ❌ |
| Restore Key | ❌ |
| Get Deleted Key | ❌ |
| Get Deleted Keys | ❌ |
| Recover Deleted Key | ❌ |
| Purge Deleted Key | ❌ |
| Rotate Key | ❌ |
| Get Key Rotation Policy | ❌ |
| Update Key Rotation Policy | ❌ |
| Get Random Bytes | ❌ |
| encrypt | ❌ |
| decrypt | ❌ |
| sign | ❌ |
| verify | ❌ |
| wrap Key | ❌ |
| unwrap Key | ❌ |
| release | ❌ |
| Get Key Attestation | ❌ |
Certificates
REST reference
| Operation | Status |
|---|
| Create Certificate | ❌ |
| Import Certificate | ❌ |
| Get Certificate | ❌ |
| Get Certificates | ❌ |
| Get Certificate Versions | ❌ |
| Get Certificate Policy | ❌ |
| Update Certificate | ❌ |
| Update Certificate Policy | ❌ |
| Delete Certificate | ❌ |
| Get Certificate Operation | ❌ |
| Update Certificate Operation | ❌ |
| Delete Certificate Operation | ❌ |
| Merge Certificate | ❌ |
| Backup Certificate | ❌ |
| Restore Certificate | ❌ |
| Get Deleted Certificate | ❌ |
| Get Deleted Certificates | ❌ |
| Recover Deleted Certificate | ❌ |
| Purge Deleted Certificate | ❌ |
| Get Certificate Contacts | ❌ |
| Set Certificate Contacts | ❌ |
| Delete Certificate Contacts | ❌ |
| Get Certificate Issuer | ❌ |
| Get Certificate Issuers | ❌ |
| Set Certificate Issuer | ❌ |
| Update Certificate Issuer | ❌ |
| Delete Certificate Issuer | ❌ |