Auto-renewal of secrets for Azure key vaults

S, Ramakiran K 1 Reputation point
2022-08-10T07:42:32.003+00:00

Do we have any option of auto-renewal for secrets for Azure key vaults. Currently I see it can be set up manually.

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,286 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Ed Harrison 321 Reputation points
    2022-08-10T09:39:49.647+00:00

    Hi @S, Ramakiran K - thanks for your question.

    To confirm, are you asking about auto-renewal for secrets in KeyVault (as opposed to Certificates or Keys, which are different types of resource)? By renewal, I assume you mean regeneration of a new secret (as opposed to extension of the expiration date on a secret)?

    While there isn't a built in way to update secrets, you could use a function app to trigger generation of a new secret when the old one is due to expire. There are some tutorials showing this for both single and dual credential rotation at https://learn.microsoft.com/en-us/azure/key-vault/secrets/tutorial-rotation and https://learn.microsoft.com/en-us/azure/key-vault/secrets/tutorial-rotation-dual?tabs=azure-cli.

    If I've misunderstood your question, please let me know. Otherwise, if this helps, please mark as answer and upvote so that others can find this answer in the future.

    Ed

    2 people found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.