Key Rotation Overview

Welcome to the Key Rotation feature overview for AZExecute. This powerful feature helps maintain the security of your service principals by automating secret rotations and updating necessary configurations. Below, we detail the various capabilities of the Key Rotation feature.

Service Principal Auto Secret Rotation

The Service Principal Auto Secret Rotation feature enables automatic rotation of the secrets associated with your app registrations (service principals) at a frequency of your choice, such as daily. This enhances security by regularly updating secrets.

Key Vault Integration

The rotated secrets can be securely stored in an Azure Key Vault. This allows other applications to retrieve and use the updated secrets without manual intervention, ensuring seamless integration and enhanced security.

Azure DevOps Service Connection Update

If OIDC connections are not feasible for your setup, this feature can automatically update Azure DevOps Service Connections with the new secret, maintaining continuous integration and delivery pipelines without disruption.

Logic Apps API Connectors Update

This capability allows automatic updating of API connectors within Azure Logic Apps. It supports connectors for various services like storage accounts and key vaults, ensuring they always use the latest secrets for secure access.

Automation Runbook Execution

Upon secret rotation, the system can automatically trigger an Azure Automation Runbook. This feature can pass the new secret to the runbook, enabling tasks such as updating service principals on on-premise systems via hybrid workers.