Forum Discussion

mgfeal's avatar
mgfeal
Brass Contributor
Mar 14, 2023

Service Principal - Applications ... - Monitoring Certificates and Secrets Expiration

This is an example:

 

We need to monitoring the expiration time for our certificates and secrets, and receive an alert when there are a few weeks left until it expires.

 

How can we do it? Any idea?

Thanks!

  • Florian185's avatar
    Florian185
    Copper Contributor
    For example you can do this easy with an Azure Automation Account , use a powershell Runbook , with get-AzureADServicePrincipalKeyCredential u can get the expire Date , then u can send a mail or use Event Grid or anythink else. If this Solution works for you, you can also write a bit more Code, and renew the secret automatetically and store it in a KeyVault, so u have no more manually doings
    • AndriiHo's avatar
      AndriiHo
      Copper Contributor

      Gareth0642040 Hi, please advise, is there perhaps a way to transmit a warning about expired SP to the datadog?

      • Gareth0642040's avatar
        Gareth0642040
        Copper Contributor
        I've never used Datadog before, but if it has its own API to communicate with, then there's no reason why you can build integration yourself to send the data there.

        The key thing is that Azure has nothing out of the box to "alert" you about these expiring (from what I can find) so whatever yours's or anyone's requirements are for alerting, its going to be a solution outside of Azure to do so.

Resources