I'm currently managing a significant number of app registrations and really need an effective method to keep track of certificate expiries. I've read that we can utilize the Graph API to get certificate details and use those in a CI/CD pipeline. However, I'm looking for a more straightforward solution where the certificate data can be stored in a custom table. This way, I could easily run KQL queries and set up alerts for certificates that are nearing expiry. Has anyone set up something like this? Any best practices or recommendations?
2 Answers
You should definitely check out this GitHub repo: azure-orphan-resources. If you set up an Azure Monitor Workbook using it, you can create a dashboard that shows all certificates that are expired or nearing expiry. Plus, it gives you a lot of other useful info about resources that might be forgotten.
I found a good resource that might help! There's a blog post that explains how to find expiring enterprise applications and app registrations using Microsoft Graph. You could set it up as a scheduled task, and it should simplify things. Just search for it online, and you should find it in no time!
Thanks for the suggestion, but I'm trying to avoid using the Graph API altogether!