How to change passwords and keys in Azure resources with minimal or no downtime

Question

I need to change the password and access keys in several Azure resources:

• SQL Database user password
• Storage Account access keys
• Service Bus Namespace shared key

There are 4 websites and 2 cloud services that uses these password and keys to access the resources. The password and keys are accessed by the apps using the CloudConfigurationManager class.

I can change the password and regenerate the keys in the portal, then go to each website's 'configure' tab and update with the new values but here's the problem: the moment I change those passwords and keys, apps will stop working until I finish to update all of them in the proper setting pages.

How to change them and minimizing the downtime as much as possible?

Answer 1

Service bus and Storage account have concept of primary/secondary key. So you can change keys with 0 downtime.What you need to do:

1. Reconfigure service, website to use secondary key
2. Regenerate primary

SQL database is a different story, but you also can

1. Create new SQL user
2. Reconfigure service, website to use new connection string
3. Delete old user