Azurecloud~30 mins

Key rotation concepts in Azure - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Key Rotation Concepts in Azure Key Vault

📖 Scenario: You manage secrets and keys in Azure Key Vault for a small company. To keep data safe, you need to rotate keys regularly. This means creating new keys and updating your system to use them without downtime.

🎯 Goal: Build a simple Azure Key Vault key rotation setup using Azure CLI commands in a script. You will create a key, set a rotation policy, and simulate rotating the key.

📋 What You'll Learn

Create an Azure Key Vault named myKeyVault

Create a key named myKey in the vault

Set a key rotation policy to rotate every 30 days

Simulate rotating the key by creating a new version

💡 Why This Matters

🌍 Real World

Key rotation is essential to keep encryption keys secure and reduce risk of compromise in cloud environments.

💼 Career

Cloud engineers and security professionals regularly manage key rotation policies to maintain compliance and security.

Progress0 / 4 steps

Create Azure Key Vault

Write the Azure CLI command to create a Key Vault named myKeyVault in the resource group myResourceGroup located in eastus.

Azure

# Your Azure CLI command here to create the Key Vault

Need a hint?

Use az keyvault create with --name, --resource-group, and --location options.

Create a Key in the Vault

Write the Azure CLI command to create a key named myKey in the Key Vault myKeyVault.

Azure

az keyvault create --name myKeyVault --resource-group myResourceGroup --location eastus
# Your Azure CLI command here to create the key

Need a hint?

Use az keyvault key create with --vault-name and --name options.

Set Key Rotation Policy

Write the Azure CLI command to set a key rotation policy on myKey in myKeyVault to rotate every 30 days.

Azure

az keyvault create --name myKeyVault --resource-group myResourceGroup --location eastus
az keyvault key create --vault-name myKeyVault --name myKey
# Your Azure CLI command here to set the rotation policy

Need a hint?

Use az keyvault key rotation-policy update with --expiry-time and --rotation-frequency set to P30D.

Rotate the Key by Creating a New Version

Write the Azure CLI command to create a new version of the key myKey in myKeyVault to simulate key rotation.

Azure

az keyvault create --name myKeyVault --resource-group myResourceGroup --location eastus
az keyvault key create --vault-name myKeyVault --name myKey
az keyvault key rotation-policy update --vault-name myKeyVault --name myKey --expiry-time P30D --rotation-frequency P30D
# Your Azure CLI command here to create a new key version

Need a hint?

Run az keyvault key create again with the same key name to create a new version.