Automated secrets rotation in Azure Key Vault
Рет қаралды 9,015
Күн бұрынAutomated secrets rotation in Azure Key Vault with Azure Functions.
Link to Part 2 for AAD App Clients secrets rotation: • Automated secrets rota...
Available rotation functions can be found in Azure serverless community library:
serverlesslibr...
Feel free to contribute and build your own rotation functions for other providers.
@16michellevalverde Жыл бұрын
thanks for sharing this. Is it also applicable to auto rotation of SPN? also what will be best the runtime stack used for that?
@azuresecretsmanagement4926 Жыл бұрын
For Service Principal is Part 2. I created video here: kzbin.info/www/bejne/gH7NqHWeo6h0fc0
@armaans64 5 ай бұрын
@@azuresecretsmanagement4926 using this, is it possible to rotate multiple SP secret
@holivieri Жыл бұрын
Great video, do we need to change anything in the source code of apps that use that secret?
@azuresecretsmanagement4926 Жыл бұрын
All you need is to get latest in the app. There is nothing special. You can use SDK or platform with support for auto update. App Services(web app, function app) : Key Vault Reference feature AKS : Secrets CSI Driver VM : Can use App Configuration Service with Key Vault references
@arunprakash1101 Жыл бұрын
How different are Azure workload identities from this?
@azuresecretsmanagement4926 Жыл бұрын
This solutions is to rotate credentials, which could include workload identities like service principal secrets.
@abhinanda8880 3 жыл бұрын
Easy to understand and helpful. Thank you
@prashanth4899 Жыл бұрын
Hi abhinanda, do you know how to rotate the keys for azure open AI?
@abhinanda8880 Жыл бұрын
@@prashanth4899 open Ai?
@prashanth4899 Жыл бұрын
@@abhinanda8880 Yes
@ashishkapoor3816 2 жыл бұрын
This was the demo for rotation of secrets for services that uses two set of credentials like Storage Account/ Cache for Redis. Then there are services which uses one set of credentials like SQL server. Is there easy way to classify of all azure services?
@azuresecretsmanagement4926 Жыл бұрын
There is no difference in general pattern. SQL supports multiple credentials, so you will have user1/pass1,user2/pass2.
@prashanth4899 Жыл бұрын
Awesome Video. I wanted to auto Rotate the 2 access key of my azure Open AI service on every 1 hour schedule. Could you please guide me how can i acheive this.
@azuresecretsmanagement4926 Жыл бұрын
Key Vault does not scale to short-lived credentials. Also, with this frequency any issue will cause an outage. 1h frequency mostly for dynamic credentials/token based, regardless custom solution outside of Key Vault would be required.
@ramubhusal9398 3 жыл бұрын
Is there other way to achieve Auto Key/Secrets Rotation without using Azure Cache for Redis?
@azuresecretsmanagement4926 3 жыл бұрын
In this scenario we rotate Azure Cache for Redis Key and storing copy of it in Key Vault for application use. You can use provided in serverless community template to create your own rotation Function to rotate any password/key for any resource .
@swarupsamrat 3 жыл бұрын
Hey!! What if in place of rotating keys for storage, I want to rotate the keys of event hub. How do i do it?
@azuresecretsmanagement4926 3 жыл бұрын
You can use that pattern to rotate any access key or password. I created template with instructions here: github.com/Azure/KeyVault-Secrets-Rotation-Template-PowerShell/blob/main/Project-Template-Instructions.md
@venkateshboda1473 2 жыл бұрын
excellent
Azure Secrets Management
Рет қаралды 1,8 М.
MuleSoft Azure Key Vault Integration - Avoid Exposing Sensitive Credentials and Redeployment of Code
Sanjeev Tripathi
Рет қаралды 1 М.
Adam Marczak - Azure for Everyone
Рет қаралды 179 М.
Our Cloud School
Рет қаралды 4,1 М.