Azure API Management with Key Rotation

Question

I am using KeyVault for storing Ocp-Apim-Subscription-Key. Applications are getting this key from KeyVault and making requests to API Management successfully.

But now, i want to rotate this Ocp-Apim-Subscription-Key frequently using powershell scripts in Runbooks. I can't find a way to regerenate Ocp-Apim-Subscription-Key through powershell. Is this possible ? If there is another option to rotate this key then please let me know.

score 2 · Answer 1 · answered Oct 21 '19 at 13:17

# Get API Management Services information and set context
$ApiManagements = Get-AzApiManagement
foreach ($ApiManagement in $ApiManagements)
{
  $ApiManagementContext = New-AzApiManagementContext -ResourceId $ApiManagement.Id

  # Get all API Management Subscriptions
  $ApiManagementSubscriptions = Get-AzApiManagementSubscription -Context $ApiManagementContext
  foreach ($ApiManagementSubscription in $ApiManagementSubscriptions)
  {
    # Update the Keys
    $PrimaryKey = (New-Guid) -replace '-',''
    $SecondaryKey = (New-Guid) -replace '-',''
    Set-AzApiManagementSubscription -Context $ApiManagementContext -SubscriptionId $ApiManagementSubscription.SubscriptionId -PrimaryKey $PrimaryKey `
                                    -SecondaryKey $SecondaryKey -State Active 
  }
}

score 1 · Accepted Answer · answered Jul 31 '18 at 21:04

1

Definitely possible through API:

Should be somewhere in PS as well.

answered Jul 31 '18 at 21:04

Vitaliy Kurokhtin

7,205
1
19
18

Azure API Management with Key Rotation

2 Answers2