Rotate secrets for Azure Operator Insights ingestion agents
The ingestion agent is a software package that is installed onto a Linux Virtual Machine (VM) owned and managed by you.
It uses a managed identity or service principal to obtain, from the Data Product's Azure Key Vault, the credentials needed to upload data to the Data Product's input storage account.
If you use a service principal, you must refresh its credentials before they expire. In this article, you'll rotate the service principal certificates on the ingestion agent.
Prerequisites
None.
Rotate certificates
- Create a new certificate, and add it to the service principal. For instructions, refer to Upload a trusted certificate issued by a certificate authority.
- Obtain the new certificate and private key in the base64-encoded P12 format, as described in Set up Ingestion Agents for Azure Operator Insights.
- Copy the certificate to the ingestion agent VM.
- Save the existing certificate file and replace with the new certificate file.
- Restart the agent.
sudo systemctl restart az-aoi-ingestion.service
Related content
Learn how to:
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for