Update License Secret in Azure Key Vault

Prerequisites

Azure Roles:

  • You must have the Key Vault Administrator role for the key vault to add the new license key secret.

  • You must have the Contributor role for the key vault to change the network settings of the key vault.

  • You must have the Contributor role for the App Service to restart the App Service.

Step 1: Turn on Public Access to Key Vault (Temporary)

  1. Go to the Azure Portal.

  2. Navigate to your Key Vault.

  3. In the left pane, select Networking in the Settings section.

Select 'Networking'
  1. Under Firewalls and Virtual Networks, switch from 'Disable public access' to 'Allow public access from specific virtual networks and IP addresses'.

Allow public access from specific networks and IP addresses
  1. Click on Add your client IP address.

Adding your client IP address
  1. Open a browser and search “What is my IP” to get your IP address.

Get your IP address
  1. Copy the IP address and enter it into IP address or CIDR.

Enter IP address
  1. Click Apply.

Apply

Step 2: Update the License Secret in Azure Key Vault

  1. Go to the Secrets section under the Objects menu in the Key Vault.

Go to 'Secrets' section
  1. Click on workspaceLicense.

click 'workspaceLicense'
  1. Click + New Version.

Adding new version
  1. Enter your license key into 'Secret value' and click Create.

Enter the secret

Step 3: Ensure App Service Picks Up the New Secret

  1. Go to the Environment Variables section in the App Service.

Go to 'Environment variables'
  1. Search for “BOOTSTRAP_ON_PREMISE_WORKSPACE_LICENSE” in the search bar.

Search the env
  1. Click “BOOTSTRAP_ON_PREMISE_WORKSPACE_LICENSE” and then copy both the name and value and paste them in a notepad; we will need to use them later.

Copy and retain the name and value
  1. Close this window, and delete this environment variable now.

Delete env
  1. Click Apply.

Apply
  1. Once the configurations are applied, we need to add the removed env to the app service back again. To do this, click +Add.

Click 'Add'
  1. Now paste the copied values into the name and value fields and click Apply.

Enter the copied name and value

Step 4: Revert Key Vault to Private Access.

Go back to Key Vault’s Networking section, select Disable public access, and then click Apply.

Disable public access

It may take a few minutes to replicate the secrets from the Key Vault; if this does not happen immediately, we recommend restarting your app service.

Last updated