Forum Discussion
mgfeal
Mar 14, 2023Brass Contributor
Service Principal - Applications ... - Monitoring Certificates and Secrets Expiration
This is an example:
We need to monitoring the expiration time for our certificates and secrets, and receive an alert when there are a few weeks left until it expires.
How can we do it? Any idea?
Thanks!
- Hi
There is no way to do this in the Azure GUI, you have to do it programmatically.
Here is an example of how to do it using PowerShell.
https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/scripts/powershell-export-apps-with-expriring-secrets
- Florian185Copper ContributorFor example you can do this easy with an Azure Automation Account , use a powershell Runbook , with get-AzureADServicePrincipalKeyCredential u can get the expire Date , then u can send a mail or use Event Grid or anythink else. If this Solution works for you, you can also write a bit more Code, and renew the secret automatetically and store it in a KeyVault, so u have no more manually doings
- Gareth0642040Copper ContributorHi
There is no way to do this in the Azure GUI, you have to do it programmatically.
Here is an example of how to do it using PowerShell.
https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/scripts/powershell-export-apps-with-expriring-secrets- AndriiHoCopper Contributor
Gareth0642040 Hi, please advise, is there perhaps a way to transmit a warning about expired SP to the datadog?
- Gareth0642040Copper ContributorI've never used Datadog before, but if it has its own API to communicate with, then there's no reason why you can build integration yourself to send the data there.
The key thing is that Azure has nothing out of the box to "alert" you about these expiring (from what I can find) so whatever yours's or anyone's requirements are for alerting, its going to be a solution outside of Azure to do so.