Is there a way to list all expired secrets from an Azure Key Vault using the CLI? So far I have
az keyvault secret list --vault-name <MyVault> --output table --query [*].'{"Id":id,"expires":attributes.expires}'
This shows me a list
| Id | expires |
|Key1 | 2022-07-08 1200|
|Key2 | 2022-01-01 1200|
I want to be able to set a condition on attributes.expires like attributes.expires < GetDate()
And therefore only return Key2
You can find full documentation here:
Here is a PowerShell sample to query all expired secrets:
$vaultName = "<vault-name>"
$today = Get-Date -Format "yyyy-MM-dd"
az keyvault secret list `
--vault-name $vaultName `
--query "[?attributes.expires <= '$today'].{Id:id, expires:attributes.expires}"