Home > Blockchain >  How to auto renew Service Principals secrets in Azure
How to auto renew Service Principals secrets in Azure

Time:08-10

I have an issue how to auto renew Service Principals secrets in Key Vault Azure?

CodePudding user response:

In short - you can't.

Azure KeyVault only provides the option to auto rotate keys. This feature enables end-to-end zero-touch key rotation for Azure services data encryption with customer-managed key (CMK) stored in Azure Key Vault. https://azure.microsoft.com/en-us/updates/automated-key-rotation-in-azure-key-vault-is-now-available/

What you are trying to achieve is different. Azure AD Service principals are managed by Azure AD. So, you need some sort of automation which generates a new secret there and updates it in keyvault.

A better way (if possible) would be managed identity. Managed Identities can be used like service principals but a fully managed and the secrets are managed behind the scenes for you.
https://azure.microsoft.com/en-us/updates/automated-key-rotation-in-azure-key-vault-is-now-available/

Page link:https//www.codepudding.com/Blockchain/504982.html

Prev:In AzureML, start_logging will start asynchronous execution or synchronous execution?
Next:Terraform azurerm_key_vault - Access policy raising errors
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding