Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

A new Data Days event is coming soon! This time we’re going bigger than ever. Fabric, Power BI, SQL, AI and more. Don't miss out.

Reply
Anonymous
Not applicable

Azure Key rotation policy using Azure app function in Azure Portal

‎08-22-2023 06:01 AM

Hello All,

 

We have created Azure Key vault and BYOK settings for the workspaces which are assigned in the Dev Power BI premium capacity to encrypt the data. Now we want to rotate the key every 4 months using Azure App function. For that we need a Script to rotate it. Can anyone please provide the script to accomplish the key rotation for Dev premium capacity through Azure App function?

 

Thanks in advance!

Labels:
Message 1 of 2
769 Views
0
1 REPLY 1
Anonymous
Not applicable

‎08-25-2023 07:56 AM

To rotate a key in Azure Key Vault using an Azure Function App, you can use the following PowerShell script:

```powershell
# Install AzureRM and Az modules
Install-Module -Name AzureRM -Force -AllowClobber
Install-Module -Name Az -AllowClobber -Force

# Connect to Azure
Connect-AzAccount -ServicePrincipal -TenantId "<TenantId>" -Credential $psCredential

# Set Key Vault details
$kvName = "<KeyVaultName>"
$keyName = "<KeyName>"

# Rotate the key by creating a new key in Key Vault
$rotatedKey = Add-AzKeyVaultKey -VaultName $kvName -Name $keyName -Destination "<KeyOperations>" -KeySize <KeySize>

# Get the latest version of the key
$targetKey = Get-AzKeyVaultKey -VaultName $kvName -Name $keyName | Sort-Object -Property Created -Descending | Select-Object -First 1

# Delete the old key
Remove-AzKeyVaultKey -VaultName $kvName -Name $targetKey.Name -InRemovedState

# Output the details of the rotated key
$rotatedKey
```

Replace the placeholders `<TenantId>`, `<KeyVaultName>`, `<KeyName>`, `<KeyOperations>`, and `<KeySize>` with your actual values.

You can deploy this script as an Azure Function App by following these steps:

1. In the Azure portal, create a new Function App.
2. Choose the runtime stack as PowerShell.
3. In the Function App settings, go to Platform Features -> Configuration -> Application Settings and set your Azure Key Vault credentials and other necessary settings as environment variables.
4. Create a new Function in the Function App and paste the script into the function code.
5. Save and run the function to rotate the key in Azure Key Vault.

Ensure that the Function App has the necessary permissions to access and manage the Azure Key Vault. You can grant the required permissions by creating a service principal and assigning the appropriate access policies in the Azure Key Vault and granting the necessary permissions to the service principal.

Message 2 of 2
742 Views
0

Helpful resources

Announcements
May Power BI Update Carousel

Power BI Monthly Update - May 2026

Check out the May 2026 Power BI update to learn about new features.

Fabric SQL PBI Data Days

Data Days 2026 coming soon!

Sign up to receive a private message when registration opens and key events begin.

New to Fabric survey Carousel

New to Fabric Survey

If you have recently started exploring Fabric, we'd love to hear how it's going. Your feedback can help with product improvements.

Power BI DataViz World Championships carousel

Power BI DataViz World Championships - June 2026

A new Power BI DataViz World Championship is coming this June! Don't miss out on submitting your entry.

View All