Introduction

The Azure Secret Expiration (AZE) app allows you to monitor the expiration of Azure secrets within a specific tenant, as well as the expiration of additional manually entered tokens or certificates. When one of them is about to expire, the app sends a notification via email.


Subscription

Some features of the Azure Secret Expiration (AZE) app require a subscription. You can activate this subscription from the SUBSCRIPTION CONTROL PANEL or directly from the notification messages that the system offers by clicking on the link to start the subscription wizard.

For details, visit the Eos Solutions website.

 

Azure Secret Expiration (AZE) - SUMMARY

Press ALT + Q and type "AZE" to see a list of the involved features: 

Setup Azure Secret Expirations

On the Setup page, you need to configure the process queue that will periodically check various expiration dates (if the process queue has not been set, the system will prompt you to do so).

Azure Tenant Expirations

In Azure Tenant Expirations, you can add and monitor different tenants.

A dedicated Client ID and Client Secret are required.

Note

On the Azure API Permissions page, set the Application.Read.All permission to read all app registrations in the tenant to identify their respective Secrets.

 

You can view all secrets related to apps in the tenant from the Apps section:

For each app, it displays the number of Secrets, how many secrets are expiring, and how many have already expired.

To determine when a secret is considered "Expiring" or "Expired," you need to set the relevant fields in the Setup:
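As an added example (not the AZE app's own code), the Python below derives the per-app counts described above from data shaped like the passwordCredentials list that Microsoft Graph returns for each app registration. The sample apps, the 30-day "Expiring" threshold and the "Unknown" state for a secret without an end date are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample, shaped like entries of a Microsoft Graph
# GET /applications response (readable with Application.Read.All).
SAMPLE_APPS = [
    {"displayName": "billing-api", "passwordCredentials": [
        {"displayName": "ci", "endDateTime": "2024-06-10T00:00:00Z"},
        {"displayName": "old", "endDateTime": "2024-05-01T00:00:00Z"},
        {"displayName": "new", "endDateTime": "2025-06-01T00:00:00Z"}]},
    {"displayName": "portal", "passwordCredentials": [
        {"displayName": "web", "endDateTime": "2024-06-30T12:00:00.1234567Z"},
        {"displayName": "legacy"}]},  # no end date recorded
]

def parse_end(value):
    """Parse a Graph UTC timestamp; fractional seconds (up to 7 digits) are dropped."""
    base = value.rstrip("Z").split(".")[0]
    return datetime.strptime(base, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def classify(end, now, expiring_days):
    """Return Expired, Expiring or Valid for one secret (assumed semantics)."""
    if end <= now:
        return "Expired"
    if end - now <= timedelta(days=expiring_days):
        return "Expiring"
    return "Valid"

def summarize(apps, now, expiring_days=30):
    """Per app: number of secrets, how many are expiring, how many have expired."""
    rows = []
    for app in apps:
        creds = app.get("passwordCredentials", [])
        states = []
        for cred in creds:
            end = cred.get("endDateTime")
            # A secret without an end date is flagged rather than treated as valid.
            states.append(classify(parse_end(end), now, expiring_days) if end else "Unknown")
        rows.append({"app": app["displayName"], "secrets": len(creds),
                     "expiring": states.count("Expiring"),
                     "expired": states.count("Expired"),
                     "unknown": states.count("Unknown")})
    return rows

if __name__ == "__main__":
    for row in summarize(SAMPLE_APPS, datetime(2024, 6, 1, tzinfo=timezone.utc)):
        print(row)
```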

 

Notifications

On the Setup page, you specify to whom notifications should be sent and the type of notifications (Expiring / Expired):

 

The process queue that runs every day will check the secrets, update them, and send email notifications to the users configured in the setup.

In the Notifications entries, you can view the notifications that will be sent:

User-Defined Expirations

In addition to Azure secrets, you can monitor other secrets or certificates to be notified in case of imminent expiration:

Field                 Description
Type                  Choose whether it's a Certificate, Token, or other
Description           Freeform description
Expiration Date       Specify the expiration date
Enable Notification   Enable sending
Expired Threshold     Define how many days after expiration you want to be notified
Expiring Threshold    Define how many days before expiration you want to be notified
Customer No.          Enter the Customer No.

To set up users who will receive notifications, open the All Notification Setup. By choosing the Tenant ID, you can view all the notifications and the users to whom they will be sent.

By setting the Tenant ID to "User Defined", you can manually choose the type of notification and the user to send it to.

Users who always receive notifications

On the Setup page, you can set users who will always receive notifications. These users are not associated with a specific tenant.

NB

In User Setup, the user must have an email address associated with them, and a working account must be set up in Email Accounts.