DEV Community

Marcel.L
Marcel.L

Posted on • Edited on

GitHub Actions Hackathon 2021 - Automate Password Rotation using GitHub Actions

πŸ’‘ How to rotate VM passwords using GitHub Actions and Azure Key Vault

I decided to submit one of my github Actions hacks I did earlier this year as part of this years ActionsHackathon21 contest.

In my original post I demonstrate how we can implement a zero-touch fully automated solution under 15 minutes to rotate all our virtual machines local administrator passwords on a schedule by using a GitHub Actions workflow and a centrally managed Azure key vault. (The technique/concept used in the tutorial is not limited to only Virtual machines. The same concept can be used and applied to almost anything that requires secret rotation).

Here is the link to the original post, enjoy!

Submission Category: Wacky Wildcards

😳πŸ’₯πŸ”₯ I know... ITSec Ops workflows are totally WACKY! πŸ”₯πŸ’₯😳

Yaml File or Link to Code

GitHub logo Pwd9000-ML / Azure-VM-Password-Management

This repository is used to maintain Azure VM local admin passwords using an Azure Key vault

Azure-VM-Password-Management

Update Azure VM passwords Dependabot

This repository hosts a github workflow which is used to maintain Azure VM local admin passwords using an Azure Key vault. See my blog post for full details πŸ˜„

Zero-touch fully automated password rotation using Github workflows and Azure key vault.

Video tutorial

image.png

Use the GitHub marketplace Action

AZURE Virtual machine password rotation has also been made into a GitHub Action which is public on the GitHub marketplace.
For more details. Check it out here: Rotate AZURE Virtual Machine Passwords




Author

Like, share, follow me on: πŸ™ GitHub | 🐧 X/Twitter | πŸ‘Ύ LinkedIn

Top comments (2)

Collapse
 
vicviral profile image
Victor Loveday

This was really helpful. Thanks

Collapse
 
pwd9000 profile image
Marcel.L

So happy this was useful for you :)