How do you allow Azure Automation Runbook to connect to the Azure Key Vault and rotate the keys of Azure Storage and store them to the Key Vault?
Experience Level: Junior
Tags: Azure Automation AccountsAzure CloudAzure Key Vault
Answer
- Create an Automation account (if you don't have it yet)
- Create a Run As account that will create a principal in Azure AD
- Create Azure Key Vault access policy to allow a Runbook to access the Key Vault key (Run As account principal will be used)
- Set RBAC roles on Storage account to allow a Runbook to access the Storage Account and rotate the key
- Install the necessary modules in a Runbook (AzureRM.Storage, AzureRM.KeyVault)
- Create a Powershell Runbook with PowerShell script that rotates the key on Storage account and stores it to the Key Vault
- Install the necessary Powershell modules in Runbook
Related Azure Cloud job interview questions
According to Microsoft Cloud Adoption Framework (CAF), what are the three specific terms related to Management phaze that can help improve conversations among business stakeholders?
Microsoft Cloud Adoption Framework (CAF) JuniorWhat are 6 key steps for establishing a management baseline according to Microsoft Cloud Adoption Framework (CAF)?
Microsoft Cloud Adoption Framework (CAF) JuniorWhat is management baseline according to Microsoft Cloud Adoption Framework (CAF)?
Microsoft Cloud Adoption Framework (CAF) JuniorWhat are the 5 disciplines of cloud governance according to Microsoft Cloud Adoption Framework (CAF)?
Microsoft Cloud Adoption Framework (CAF) JuniorIs Cloud Security Posture Management (CSPM) available for all Azure Subscriptions?
Microsoft Defender Junior