Hi,
Many of the Azure services support customer managed keys which basically is encryption of the data stored by those services using keys from Azure Key Vault. By default many of those services encryption is done by Azure. They manage the encryption and the rotation of the keys without that being visible to the end user. In case you want encrypt those services with your own keys you can use keys on Key Vault to do that. It is up to you to manage those keys and the encryption (CMKs). Key rotation policies is a feature in Key Vault that allows new key versions to be issued automatically on schedule. If those keys for which you are renewing automatically are used for encryption using customer managed keys you need to check if that services supports automatically picking the new version of the key or you need to change the configuration of the encryption manually with pointing to the new key version.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.