Periodically rotate secrets stored in Key Vaults #278
Description
Originally created by @boolean5 on 2024-09-26T12:15:35Z
Original issue: SpringACT/digital-safe-upload-on-blob#578
We should do this for all key vaults (Sophia & Digital Safe, dev and prod).
According to the best practices described in Azure Key Vault's docs:
Secrets rotation
Secrets are often stored in application memory as environment variables or configuration settings for entire application lifecycle, which makes them sensitive to unwanted exposure. Because secrets are sensitive to leakage or exposure, it's important to rotate them often, at least every 60 days.
For more information about the secrets rotation process, see Automate the rotation of a secret for resources that have two sets of authentication credentials.