Recycle Bin's interface
The recycle bin is a node in the Venafi Configuration Console and the MMC snap in. Only users with the master admin role can access it1. If you are trying to restore an item you deleted, and you aren't a master administrator, please reach out to your Venafi administrator for assistance.
When you open the recycle bin node you see rows for "entries" which are groups of items recently deleted. These may have been deleted by a user, or they may have been deleted by a process.
By default, the recycle bin node retrieves and displays up to 2500 objects. In the upper-right corner of the center panel you can see how many items, in total, exist in the recycle bin. Displaying more can increase load time, but if you want to, you can increase the limit using the Retrieve drop-down.
Recycle Bin entries can contain multiple items. For example, if you delete one certificate object, you will get one entry (one row). However, this deletion may have included the active certificate, the related keys, as well as any historical certificates that were previously archived. To see what items are part of an entry, click on the entry, then click the Retrieve details action in the Actions panel. The list of items will be retrieved, and you can use the expand icon (in the Container column) to see all the items in the group.
Three types of entries can be seen in the recycle bin:
-
Configuration objects: items, and collections of items, like policy folders. If the item has no children, then configuration objects only contain one item. However, if the configuration item has children (like a policy folder that contains other policy folders or machine identities), then these will be represented as different items within an entry. The child objects can be of any of the three object types.
-
Vault entries: items (like machine identities, credentials, etc.) that were stored in Secret Store. These are single items that were removed from their owner.
-
Owner entries: collections of Secret Store vault items that were all owned by a particular owner, and the ownership was deleted. For example, a private key and a certificate.
To see detailed information about an entry, click the entry, then click Properties in the Actions panel.
While the columns on the Recycle Bin node are self explanatory, please note the following:
-
They time columns can toggle between relative times (2 hours ago; in 14 days) and absolute times (represented with the date of the event). The column title changes depending on the toggle state. The toggle icon is in the upper-right corner of the table. (Note that if you modify the purge settings in Configuration, this list automatically updates.)
-
Like all tables in the management console, columns can be sorted, and rearranged with drag-and-drop. Right click on a column header for additional options.
The recycle bin will not automatically refresh to show new objects that are deleted while you have the node open, but you can click the Refresh action in the Actions panel.
NOTE There is a configuration that exists on all WebAdmin policy objects called Exclude from automatic deletion. When this setting is enabled, these objects will be ignored by the automatic deletion features of the Recycle Bin.
Advanced Recycle Bin features
There are several advanced recycle bin features that are available using the recycle bin's command line tool on the Venafi Server. For example, you can force the deletion task to run immediately using the command line tool.
For details about how to use the command line Recycle Bin utility, see Command-line administration of Recycle Bin.
What's next?
If you want to restore an item from the recycle bin, see Recycle Bin's details panel
If you want to learn more about the actions and configuration options, see Recycle Bin's actions panel
To understand the business case for recycle bin, see Venafi Recycle Bin.