You want to use an Azure Automation Account runbook to rotate keys of the storage account and store them to Azure Key Vault. What are the first steps that you should do?

Experience Level: Junior
Tags: Azure Automation Accounts, Azure Cloud, Azure Key Vault, Azure Storage

Answer

  • Create an Azure Automation Account
  • Import the modules needed to access Azure Key Vault (AzureRM.Profile, AzureRM.KeyVault)
  • Configure the Azure Key Vault access policy (either in the Azure Portal or by running Set-AzKeyVaultAccessPolicy)
  • Create a Runbook (PowerShell Runbook)
  • Write the PowerShell script: it retrieves the automation connection using Get-AutomationConnection, logs in to Azure using the TenantId, ApplicationId and CertificateThumbprint from the connection, then creates new keys in Azure Key Vault and updates the keys in the Azure Storage Account

Note that by default you don't need to add a new connection, because one is created automatically when the Azure Automation Account is created (its name is AzureRunAsConnection).
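
A runbook body that follows the steps above, as an added example (not code from the original answer). It uses the Az module cmdlets; the resource names, the secret name and the `KeyName` tag are placeholders chosen for illustration. It assumes the connection's service principal has Get and Set secret permissions in the vault access policy and is allowed to regenerate keys on the storage account.

```powershell
# Added example. Resource names below are placeholders, not values from the page.
param(
    [string]$ResourceGroupName  = 'rg-example',
    [string]$StorageAccountName = 'stexample',
    [string]$VaultName          = 'kv-example',
    [string]$SecretName         = 'stexample-key'
)
$ErrorActionPreference = 'Stop'   # fail the job instead of storing a stale key

# Connection created together with the Automation Account
$conn = Get-AutomationConnection -Name 'AzureRunAsConnection'

# Certificate-based service principal login using the connection fields
Connect-AzAccount -ServicePrincipal `
    -Tenant $conn.TenantId `
    -ApplicationId $conn.ApplicationId `
    -CertificateThumbprint $conn.CertificateThumbprint | Out-Null
Set-AzContext -Subscription $conn.SubscriptionId | Out-Null

# Find out which key the previous run stored (tag name is this example's convention).
$current = Get-AzKeyVaultSecret -VaultName $VaultName -Name $SecretName
$lastKey = if ($current -and $current.Tags) { $current.Tags['KeyName'] } else { $null }

# Regenerate the key that consumers of the secret are NOT using right now,
# so the key behind the current secret version stays valid until the next run.
# On the first run (no secret yet) this regenerates key2.
$target = if ($lastKey -eq 'key2') { 'key1' } else { 'key2' }

New-AzStorageAccountKey -ResourceGroupName $ResourceGroupName `
    -Name $StorageAccountName -KeyName $target | Out-Null

$newValue = (Get-AzStorageAccountKey -ResourceGroupName $ResourceGroupName `
    -Name $StorageAccountName | Where-Object KeyName -eq $target).Value

# Store the new key as a new secret version, tagged with the key slot it came from
$secure = ConvertTo-SecureString -String $newValue -AsPlainText -Force
$stored = Set-AzKeyVaultSecret -VaultName $VaultName -Name $SecretName `
    -SecretValue $secure -Tag @{ KeyName = $target }

# Log only metadata; the key value never goes to the job output
Write-Output "Rotated $target of $StorageAccountName; stored as version $($stored.Version)"
```

Applications should read the key from the Key Vault secret rather than keep their own copy, so that each new secret version reaches them before the older key is regenerated on the following run.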
