Handle Azure Key Vault system events using Azure Monitor alerts

Azure Key Vault can emit events to a system topic when a certificate, key, or secret is about to expire (30 days heads up), and other events when they do expire. For more information, see (Azure Key Vault event schema). You can set up alerts on these events so you can fix expiration issues before your services are affected.

Prerequisites

• Create a Key Vault resource by following instructions from Create a key vault using the Azure portal.
• To learn about Azure Monitor alerts, see How to send events to Azure monitor alerts

Create and configure the event subscription

When creating an event subscription, follow these steps:

1. Enter a name for event subscription.
2. For Event Schema, select the event schema as Cloud Events Schema v1.0. It's the only schema type that's supported for Azure Monitor alerts destination).
3. Select the Topic Type to Key Vault.
4. For Source Resource, select the Key Vault resource.
5. Enter a name for the Event Grid system topic to be created.
6. For Filter to Event Types, select the event types that you're interested in.
7. For Endpoint Type, select Azure Monitor Alert as a destination.
8. Select Configure an endpoint link.
9. On the Select Monitor Alert Configuration page, follow these steps.

   1. Select the alert severity.

   2. Select the action group (optional), see Create an action group in the Azure portal.

   3. Enter a description for the alert.

   4. Select Confirm Selection.

      

10. Now, on the Create Event Subscription page, select Create to create the event subscription. For detailed steps, see subscribe to events through portal.

Manage fired alerts

You can manage the subscription directly in the source (for example, Key Vault resource) by selecting the Events page or by accessing to the Event Grid system topic resource, see the following references: blob event quickstart, and manage the system topic.

Fire alert instances

Now, Key Vault events appear as alerts and you can view them in alerts page. See this article to learn how to manage alert instances.

Next steps

See the following articles:

• Azure Monitor alerts
• Manage Azure Monitor alert rules
• Pull delivery overview
• Push delivery overview
• Concepts
• Quickstart: Publish and subscribe to app events using namespace topics