This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 72%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
Hi,
I am currently looking into configuring alerting for some key vaults when certs/secrets etc are close to expiry. I am currently looking at the solution presented here: https://learn.microsoft.com/en-us/azure/key-vault/general/event-grid-logicapps
This seems like a really great solution, but what I am currently struggling with is how to manage this at scale. Do I really need to create a new event topic and logic app for each new key vault that is deployed? Or is there a way to configure this in such a way that all key vaults can send data to the same event grid topic and the single logic app will pick this up?
I'm really hoping I am missing something simple here.
If this is the case and there is no way to deploy this at scale, does anyone know of a suitable solution for this? My other thoughts were a PowerShell function that would query the secrets etc and add the details to a log analytics table, which could then use azure monitor to Alert.
Either way these seem far to complex for something that should be quite simple.
Thanks!
I wanted to check in and see if you had any other questions or if you were able to resolve this issue?
If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.
If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.
I wanted to check in and see if you had any other questions or if you were able to resolve this issue?
If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.
If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.
Hi,
I do not know what this logic app offers but have you looked at using Azure Policy? Using Policy data in Azure resource graph you can create alerts.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Hi,
Thanks for the reply, I have been looking at Azure policy as well, haven't had a chance to look at implementing the solution you have linked to, but will have a look this afternoon. Still seems overly complex though for something that really should be available natively.
Thanks
The more complex part is mainly on the sending Policy logs to Log Analytics otherwise setting the policies is easy. Policy allows you that scale method as you can configure policy on each subscription or on management groups.
I have edited the answer to include a new feature which makes the second step of alerting on policy data very easy.
Ahh thanks, I had just happened to come across that as well and was going to take a look. Thanks for your help.