{"id":235,"date":"2022-01-27T13:15:00","date_gmt":"2022-01-27T18:15:00","guid":{"rendered":"http:\/\/sycured.127.0.0.1.sslip.io\/?p=235"},"modified":"2024-01-14T11:30:01","modified_gmt":"2024-01-14T16:30:01","slug":"azure-set-expiration-on-all-secrets","status":"publish","type":"post","link":"http:\/\/10.42.0.68:8080\/blog\/azure-set-expiration-on-all-secrets","title":{"rendered":"Azure – Set expiration on all secrets"},"content":{"rendered":"\n

Doing policy enforcement, I needed to set an expiration date on all secrets inside a key vault.<\/p>\n\n\n\n

When you’ve 100+ items inside the key vault, you need a quick way to do it.<\/p>\n\n\n\n\n\n\n\n

Get all secrets’ name<\/h2>\n\n\n\n

I use NR>2<\/code> to skip the 2 first lines because they’re not interesting:<\/p>\n\n\n\n

Result\n--------------------------------------------<\/code><\/pre>\n\n\n\n
az keyvault secret list --vault-name \"MY-KEYVAULT-NAME\" --output table --query \"[].name\" | awk \"NR>2 {print $1}\"<\/code><\/pre>\n\n\n\n
Set the expiration on each secret<\/h2>\n\n\n\n
az keyvault secret set-attributes --vault-name \"MY-KEYVAULT-NAME\" --expires \"2023-01-27T14:00:00Z\" --name \"SECRET-NAME\"<\/code><\/pre>\n\n\n\n
Where is the script?<\/h2>\n\n\n\n
I won’t post ready-to-use scripts for very simple things.<\/p>\n\n\n\n
Are you an engineer or a kid doing just copy\/paste and nothing more?<\/p>\n\n\n\n
Creating an array and looping over to execute a simple command line, is very trivial\u2026 an 8-10-year-old can do it.<\/p>\n","protected":false},"excerpt":{"rendered":"
Doing policy enforcement, I needed to set an expiration date on all secrets inside a key vault. When you’ve 100+ items inside the key vault, you need a quick way to do it.<\/p>\n","protected":false},"author":1,"featured_media":68,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"saved_in_kubio":false,"footnotes":""},"categories":[13],"tags":[19],"_links":{"self":[{"href":"http:\/\/10.42.0.68:8080\/wp-json\/wp\/v2\/posts\/235"}],"collection":[{"href":"http:\/\/10.42.0.68:8080\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/10.42.0.68:8080\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/10.42.0.68:8080\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/10.42.0.68:8080\/wp-json\/wp\/v2\/comments?post=235"}],"version-history":[{"count":2,"href":"http:\/\/10.42.0.68:8080\/wp-json\/wp\/v2\/posts\/235\/revisions"}],"predecessor-version":[{"id":237,"href":"http:\/\/10.42.0.68:8080\/wp-json\/wp\/v2\/posts\/235\/revisions\/237"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/10.42.0.68:8080\/wp-json\/wp\/v2\/media\/68"}],"wp:attachment":[{"href":"http:\/\/10.42.0.68:8080\/wp-json\/wp\/v2\/media?parent=235"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/10.42.0.68:8080\/wp-json\/wp\/v2\/categories?post=235"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/10.42.0.68:8080\/wp-json\/wp\/v2\/tags?post=235"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}