Azure – Set expiration on all secrets

Doing policy enforcement, I needed to set an expiration date on all secrets inside a key vault.

When you have 100+ items inside the key vault, you need a quick way to do it.

Get all secret names

I use NR>2 to skip the first two lines of the table output (the "Result" header and the dashed separator under it) because they’re not interesting:
az keyvault secret list --vault-name "MY-KEYVAULT-NAME" --output table --query "[].name" | awk "NR>2 {print $1}"

Set the expiration on each secret

az keyvault secret set-attributes --vault-name "MY-KEYVAULT-NAME" --expires "2023-01-27T14:00:00Z" --name "SECRET-NAME"
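
The two commands above combined into one pass, as an added example that is not the post's own script: it only touches secrets that have no expiry yet and previews the changes unless told to apply them. The function name `set_missing_expiry` and its `apply` argument are hypothetical; the `az` subcommands and options are the ones shown above, plus `--output tsv` and `--output none`.

```shell
#!/bin/sh
# Added example, not the post's own script. Dry run unless the third
# argument is "apply". The ( ) body keeps variables local to the function.
set_missing_expiry() (
  vault=$1 expires=$2 mode=${3:-dry-run} count=0

  # Accept only a UTC timestamp in the form the post uses.
  case $expires in
    [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]T[0-9][0-9]:[0-9][0-9]:[0-9][0-9]Z) ;;
    *) echo "expires must look like 2023-01-27T14:00:00Z" >&2; return 2 ;;
  esac

  # tsv output is one bare name per line, so there is no table header to
  # strip. The JMESPath filter keeps only secrets with no expiry yet.
  # Capturing the list first means a failed listing stops the run.
  names=$(az keyvault secret list --vault-name "$vault" \
    --query '[?attributes.expires==`null`].name' --output tsv) || return 1

  while IFS= read -r name; do
    [ -n "$name" ] || continue
    if [ "$mode" = apply ]; then
      # </dev/null stops az from swallowing the rest of the name list;
      # --output none keeps secret metadata out of the terminal and logs.
      az keyvault secret set-attributes --vault-name "$vault" \
        --name "$name" --expires "$expires" --output none </dev/null || return 1
    fi
    echo "$mode: $name -> $expires"
    count=$((count + 1))
  done <<EOF
$names
EOF
  echo "total: $count"
)

# Usage: set_missing_expiry "MY-KEYVAULT-NAME" "2023-01-27T14:00:00Z"        (preview)
#        set_missing_expiry "MY-KEYVAULT-NAME" "2023-01-27T14:00:00Z" apply  (write)
```

Secrets that already carry an expiry are left alone, so a second run changes nothing.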

Where is the script?

I won’t post ready-to-use scripts for very simple things.

Are you an engineer or a kid doing just copy/paste and nothing more?

Creating an array and looping over it to execute a simple command line is very trivial… an 8-10-year-old can do it.
