Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Try your skills in the Power BI Dataviz World Championship! Round one ends June 26. Join now

Reply
Anonymous
Not applicable

Azure Key rotation policy using Azure app function in Azure Portal

‎08-22-2023 06:01 AM

Hello All,

 

We have created Azure Key vault and BYOK settings for the workspaces which are assigned in the Dev Power BI premium capacity to encrypt the data. Now we want to rotate the key every 4 months using Azure App function. For that we need a Script to rotate it. Can anyone please provide the script to accomplish the key rotation for Dev premium capacity through Azure App function?

 

Thanks in advance!

Labels:
Message 1 of 2
787 Views
0
1 REPLY 1
Anonymous
Not applicable

‎08-25-2023 07:56 AM

To rotate a key in Azure Key Vault using an Azure Function App, you can use the following PowerShell script:

```powershell
# Install AzureRM and Az modules
Install-Module -Name AzureRM -Force -AllowClobber
Install-Module -Name Az -AllowClobber -Force

# Connect to Azure
Connect-AzAccount -ServicePrincipal -TenantId "<TenantId>" -Credential $psCredential

# Set Key Vault details
$kvName = "<KeyVaultName>"
$keyName = "<KeyName>"

# Rotate the key by creating a new key in Key Vault
$rotatedKey = Add-AzKeyVaultKey -VaultName $kvName -Name $keyName -Destination "<KeyOperations>" -KeySize <KeySize>

# Get the latest version of the key
$targetKey = Get-AzKeyVaultKey -VaultName $kvName -Name $keyName | Sort-Object -Property Created -Descending | Select-Object -First 1

# Delete the old key
Remove-AzKeyVaultKey -VaultName $kvName -Name $targetKey.Name -InRemovedState

# Output the details of the rotated key
$rotatedKey
```

Replace the placeholders `<TenantId>`, `<KeyVaultName>`, `<KeyName>`, `<KeyOperations>`, and `<KeySize>` with your actual values.

You can deploy this script as an Azure Function App by following these steps:

1. In the Azure portal, create a new Function App.
2. Choose the runtime stack as PowerShell.
3. In the Function App settings, go to Platform Features -> Configuration -> Application Settings and set your Azure Key Vault credentials and other necessary settings as environment variables.
4. Create a new Function in the Function App and paste the script into the function code.
5. Save and run the function to rotate the key in Azure Key Vault.

Ensure that the Function App has the necessary permissions to access and manage the Azure Key Vault. You can grant the required permissions by creating a service principal and assigning the appropriate access policies in the Azure Key Vault and granting the necessary permissions to the service principal.

Message 2 of 2
760 Views
0

Helpful resources

Announcements
Fabric Data Days is here Carousel

Data Days 2026

Don't miss out on Data Days, June 15 through August 7. Learn Fabric, Power BI, SQL, AI and more.

Power BI DataViz World Championships carousel

Power BI DataViz World Championships - June 2026

A new Power BI DataViz World Championship is coming this June! Don't miss out on submitting your entry.

View All