Update License Secret in Azure Key Vault

Prerequisites

Azure Roles:

  • You must have the Key Vault Administrator role for the key vault to add the new license key secret.

  • You must have the Contributor role for the key vault to change the network settings of the key vault.

  • You must have the Contributor role for the App Service to restart the App Service.

Step 1: Turn on Public Access to Key Vault (Temporary)

  1. Go to the Azure Portal.

  2. Navigate to your Key Vault.

  3. In the left pane, select Networking in the Settings section.

Select 'Networking'
  1. Under Firewalls and Virtual Networks, switch from 'Disable public access' to 'Allow public access from specific virtual networks and IP addresses'.

Allow public access from specific networks and IP addresses
  1. Click on Add your client IP address.

Adding your client IP address
  1. Open a browser and search “What is my IP” to get your IP address.

Get your IP address
  1. Copy the IP address and enter it into IP address or CIDR.

Enter IP address
  1. Click Apply.

Apply

Step 2: Update the License Secret in Azure Key Vault

  1. Go to the Secrets section under the Objects menu in the Key Vault.

Go to 'Secrets' section
  1. Click on workspaceLicense.

click 'workspaceLicense'
  1. Click + New Version.

Adding new version
  1. Enter your license key into 'Secret value' and click Create.

Enter the secret

Step 3: Ensure App Service Picks Up the New Secret

  1. Go to the Environment Variables section in the App Service.

Go to 'Environment variables'
  1. Click on Pull reference values to pull the latest values from the key vault secret.

Pull reference values
  1. Click Confirm.

Confirm

Step 4: Revert Key Vault to Private Access.

Go back to Key Vault’s Networking section, select Disable public access, and then click Apply.

Disable public access

It may take a few minutes to replicate the secrets from the Key Vault; if this does not happen immediately, we recommend restarting your app service.

Last updated