question

v-girip avatar image
2 Votes"
v-girip asked NiveditaSuman-0353 commented

How to setup an Azure Alert for Automation Account Certificate Expiry

Hi Team,

We have multiple Automation accounts on multiple subscriptions running in our Environment. We need to setup alerts for the Certificates which gets expired for each automation accounts in the subscription via email.

azure-monitor
· 3
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

SwathiDhanwada-MSFT avatar image SwathiDhanwada-MSFT ·

@v-girip At this time there isn’t a setting in the Azure Portal that can alert before the automation account certificate expires. I would recommend you to navigate here and share your feedback or suggestions directly with the responsible Azure feature team and clicking the vote button of your suggestion to raise visibility and priority on it.


0 Votes 0 ·
olufemiaMSFT avatar image olufemiaMSFT ·

Hello @v-girip , Swathi is right. there's currently no native Azure alert solution for alerting on expriring azure automation account cert. upvoiting or adding your suggestion as will help the automation team better understand the impact and priority. Perhaps you can add your cert expiration dates across your env to a spreadsheet and run a script that tracks the individual expiry dates and alerts via email based on the cadence you desire e.g. send alert 1month, 2 weeks before expiry..
Here are some PowerShell-based solutions that check cert dates and alert based on expiry date. Hope it helps.

  1. https://help.cortado.com/kb/how-to-get-email-notifications-for-certificates-that-are-about-to-expire/

  2. https://www.lazyexchangeadmin.com/monitor-ssl-certificate-expiration/

  3. https://docs.microsoft.com/en-us/powershell/module/az.automation/get-azautomationcertificate?view=azps-4.7.0



Cheers.

0 Votes 0 ·
NiveditaSuman-0353 avatar image NiveditaSuman-0353 olufemiaMSFT ·

I Cant see the script in the first link & second link is not accessible

0 Votes 0 ·

2 Answers

v-girip avatar image
0 Votes"
v-girip answered SwathiDhanwada-MSFT commented

Do we have similar document as mentioned for App Registration Certificate expiry.

https://www.codeisahighway.com/how-to-audit-expiring-soon-azure-ad-application-credentials-keys-passwords-certificates/

· 2
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

SwathiDhanwada-MSFT avatar image SwathiDhanwada-MSFT ·

@v-girip As of today, there are no official documents on how to set up azure alert for Automation Account Certificate Expiry and as mentioned I would recommend you to upvote the feature request to get traction on the request.


0 Votes 0 ·
SwathiDhanwada-MSFT avatar image SwathiDhanwada-MSFT SwathiDhanwada-MSFT ·

@v-girip Hope the information provided is of assistance to you. Kindly revert if you have further questions.

0 Votes 0 ·
NiveditaSuman-0353 avatar image
0 Votes"
NiveditaSuman-0353 answered

I want to know if there is any script which I can run on runbook to get an alert about the expiration of the Automation Account certificate

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.