The issue: Unable to recover deleted key vault.
Policy assigned: "Key vaults should have purge protection enabled"
Policy definition ID: "/providers/Microsoft.Authorization/policyDefinitions/0b60c0b2-2dc2-4e1c-b5c9-abbed971de53"
Policy effect: "Deny"
Even though "enableSoftDelete" is set to true before deletion, in the deleted list, the property is no longer present. When trying to recover the Vault, the policy gets triggered and it does not pass the check for the existence of the "enableSoftDelete" property thus not allowing the recovery as long as the policy effect is set to Deny.
I am not sure if this is a bug or if I am doing something wrong.
Key Vault properties before deletion
Key Vault properties after deletion
Policy If-statement block