Azure Service Bus Key Rotation Guide
This guide outlines the manual process of rotating the keys for Azure Service Bus used in our infrastructure.
Note: There is currently no automation or script available for this task; it must be done manually.
Key Rotation Steps
Follow these steps carefully to rotate the Azure Service Bus keys without service disruption:
- Check Current Key Usage
  - In the global Key Vault, identify which key is currently being used: Primary Key or Secondary Key.
- Regenerate the Unused Key
  - Go to the Azure Portal.
  - Navigate to the relevant Azure Service Bus namespace.
  - Regenerate the key that is not currently in use (either Primary or Secondary).
- Update Key Vault Secrets
  - Replace the corresponding key values in Azure Key Vault.
- Restart All Application Pods
  - Restart a pod from one service to test whether it can connect to Service Bus.
  - Restart all pods to ensure they pick up the updated credentials from Key Vault.
Important Notes
- Do not regenerate the key currently in use.
- Always confirm the active key before regenerating the other.
- This is a manual operation and requires careful handling.
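The first two steps, together with the rule never to regenerate the key in use, can be expressed with the Azure CLI. This is an added example, not part of the original guide or the team's tooling: the resource group, namespace, authorization rule, vault and secret names are placeholders, and it assumes the Key Vault secret holds either the raw key or a connection string that contains it.

```shell
#!/usr/bin/env bash
# Added example, not the team's tooling. All resource names are placeholders.

# unused_key IN_USE PRIMARY SECONDARY
# IN_USE is the Key Vault secret value: the raw key or a connection string
# that embeds it (assumption). Prints the key that is NOT in use, in the form
# the CLI expects (PrimaryKey / SecondaryKey). Returns 1 if unsure.
unused_key() {
  local in_use="$1" primary="$2" secondary="$3" hit_p=0 hit_s=0
  if [ -z "$in_use" ] || [ -z "$primary" ] || [ -z "$secondary" ]; then
    echo "missing input; refusing to guess" >&2
    return 1
  fi
  case "$in_use" in *"$primary"*) hit_p=1 ;; esac
  case "$in_use" in *"$secondary"*) hit_s=1 ;; esac
  if [ "$hit_p" = 1 ] && [ "$hit_s" = 0 ]; then
    echo SecondaryKey
  elif [ "$hit_s" = 1 ] && [ "$hit_p" = 0 ]; then
    echo PrimaryKey
  else
    echo "secret matches neither key or both; stop and investigate" >&2
    return 1
  fi
}

# Steps 1 and 2 via the Azure CLI. Defined only; call it explicitly, e.g.
#   regenerate_unused_key <rg> <namespace> <auth-rule> <vault> <secret-name>
regenerate_unused_key() {
  local rg="$1" ns="$2" rule="$3" vault="$4" secret="$5"
  local in_use primary secondary target
  in_use=$(az keyvault secret show --vault-name "$vault" --name "$secret" \
    --query value -o tsv) || return 1
  primary=$(az servicebus namespace authorization-rule keys list \
    --resource-group "$rg" --namespace-name "$ns" --name "$rule" \
    --query primaryKey -o tsv) || return 1
  secondary=$(az servicebus namespace authorization-rule keys list \
    --resource-group "$rg" --namespace-name "$ns" --name "$rule" \
    --query secondaryKey -o tsv) || return 1
  target=$(unused_key "$in_use" "$primary" "$secondary") || return 1
  echo "Regenerating $target on $ns/$rule" >&2
  # --output none keeps the new key material out of the terminal scrollback.
  az servicebus namespace authorization-rule keys renew \
    --resource-group "$rg" --namespace-name "$ns" --name "$rule" \
    --key "$target" --output none
}
```

Updating the Key Vault secret and restarting the pods remain the manual steps described above.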