Skip to content

Update how-to-configure-key-rotation.md #107

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update how-to-configure-key-rotation.md #107

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions articles/key-vault/keys/how-to-configure-key-rotation.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -139,6 +139,9 @@ Use Azure PowerShell [Invoke-AzKeyVaultKeyRotation](/powershell/module/az.keyvau
Invoke-AzKeyVaultKeyRotation -VaultName <vault-name> -Name <key-name>
```

> [!NOTE]
> When manually creating a new version of your customer-managed key, ensure that both the old and new key versions are in the Enabled state. This allows Azure Container Registry (ACR) to automatically detect and apply the new version. After ACR updates to the new key version, you can safely disable the old version.

## Configure key near expiry notification

Configuration of expiry notification for Event Grid key near expiry event. In case when automated rotation cannot be used, like when a key is imported from local HSM, you can configure near expiry notification as a reminder for manual rotation or as a trigger to custom automated rotation through integration with Event Grid. You can configure notification with days, months and years before expiry to trigger near expiry event.
Expand Down