Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

The Power BI Data Visualization World Championships is back! Get ahead of the game and start preparing now! Learn more

Reply
Anonymous
Not applicable

Azure Key rotation policy using Azure app function in Azure Portal

‎08-22-2023 06:01 AM

Hello All,

 

We have created Azure Key vault and BYOK settings for the workspaces which are assigned in the Dev Power BI premium capacity to encrypt the data. Now we want to rotate the key every 4 months using Azure App function. For that we need a Script to rotate it. Can anyone please provide the script to accomplish the key rotation for Dev premium capacity through Azure App function?

 

Thanks in advance!

Labels:
Message 1 of 2
658 Views
0
1 REPLY 1
Anonymous
Not applicable

‎08-25-2023 07:56 AM

To rotate a key in Azure Key Vault using an Azure Function App, you can use the following PowerShell script:

```powershell
# Install AzureRM and Az modules
Install-Module -Name AzureRM -Force -AllowClobber
Install-Module -Name Az -AllowClobber -Force

# Connect to Azure
Connect-AzAccount -ServicePrincipal -TenantId "<TenantId>" -Credential $psCredential

# Set Key Vault details
$kvName = "<KeyVaultName>"
$keyName = "<KeyName>"

# Rotate the key by creating a new key in Key Vault
$rotatedKey = Add-AzKeyVaultKey -VaultName $kvName -Name $keyName -Destination "<KeyOperations>" -KeySize <KeySize>

# Get the latest version of the key
$targetKey = Get-AzKeyVaultKey -VaultName $kvName -Name $keyName | Sort-Object -Property Created -Descending | Select-Object -First 1

# Delete the old key
Remove-AzKeyVaultKey -VaultName $kvName -Name $targetKey.Name -InRemovedState

# Output the details of the rotated key
$rotatedKey
```

Replace the placeholders `<TenantId>`, `<KeyVaultName>`, `<KeyName>`, `<KeyOperations>`, and `<KeySize>` with your actual values.

You can deploy this script as an Azure Function App by following these steps:

1. In the Azure portal, create a new Function App.
2. Choose the runtime stack as PowerShell.
3. In the Function App settings, go to Platform Features -> Configuration -> Application Settings and set your Azure Key Vault credentials and other necessary settings as environment variables.
4. Create a new Function in the Function App and paste the script into the function code.
5. Save and run the function to rotate the key in Azure Key Vault.

Ensure that the Function App has the necessary permissions to access and manage the Azure Key Vault. You can grant the required permissions by creating a service principal and assigning the appropriate access policies in the Azure Key Vault and granting the necessary permissions to the service principal.

Message 2 of 2
631 Views
0

Helpful resources

Announcements
Power BI DataViz World Championships

Power BI Dataviz World Championships

The Power BI Data Visualization World Championships is back! Get ahead of the game and start preparing now!

December 2025 Power BI Update Carousel

Power BI Monthly Update - December 2025

Check out the December 2025 Power BI Holiday Recap!

FabCon Atlanta 2026 carousel

FabCon Atlanta 2026

Join us at FabCon Atlanta, March 16-20, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM.

View All