Updating an Expired Azure Secret using the Azure Console

The secrets you use for an Azure credential can be set to expire in 1 year, 2 years, or never expire. If and when they do expire, ParkMyCloud will no longer be able to access your cloud and manage your resources. You may get a notification or error that says something like “An error occurred while discovering resources for credential "Azure Dev PMC-1": Unable to list regions.“

When this happens, you need to update the secret.

  1. Open the ParkMyCloud Console and navigate to Credentials. Then select the credential that has the expired secret, opening the Edit Credential screen.

  2. Copy the App Id from the text box near the bottom the screen.

  3. In a separate window, login to the Azure Console and navigate to Azure Active Directory > App registrations

  4. Click the tab for All applications

  5. Paste the copied App Id into the search box on this screen. This should filter the applications down to the one that needs to be updated.

  6. Click on the link for the application under the Display name header

  7. There may be message on the next screen informing you that the secret is expired. If there is, you can use the provided link to get in and change the secret.

  8. If there is no message, click the Certificates & secrets menu item

  9. Select New client secret

  10. Decide how long you want the secret to be valid. We recommend selecting either 1 or 2 years. Enter a description if desired. Click Add

  11. The new secret will be displayed with the new expiration date. Make note of this date - we will be adding it to the ParkMyCloud console.

  12. Note that this will be the only time you will be able to see the secret in the Azure console - if you need to store the secret in a password manager, now is a good time to do that.

  13. Copy the secret

  14. Back in the ParkMyCloud Console on the Edit credential screen, paste the new secret into the App Access Key text box

  15. Enter the new expiration date of the credential in the next field. If you have a Credential Errors notification configured, we will send you a notification one week before the credential expires. Go to the Notifications left-menu item to set up a new notification after you have completed the rest of the steps below.

  16. Click the Test button to confirm the new secret is working. You should be able to get green checkmark indicators for at least the first three items on the Validation screen. (Problems with the subsequent tests indicate a problem with permissions within Azure, not problems with actually logging in.)

  17. Important: To save the new secret, click the Finish button at the top right of the screen.

  18. You are done!

Note that if you created a single Azure app registration that was used for multiple Azure subscriptions and their ParkMyCloud credentials, you will need to edit each of the affected credentials, copying the same App Access Key to each of them, Testing them, and clicking Finish.