Skip to main content

General availability: AKS auto-certificate rotation

Published date: December 01, 2021

Azure Kubernetes Service (AKS) uses certificates for authentication with many of its components. Periodically, you may need to rotate those certificates for security or policy reasons. AKS will now automatically rotate non-CA certificates on both the control plane and agent nodes before they expire with no downtime for the cluster.

AKS auto-certificate feature is currently available in the following regions:

  • East US 2 Early Updates Access Program (EUAP)
  • Central US EUAP
  • West Central US
  • UK South
  • East US
  • Australia Central
  • Australia East

This capability is being rolled out to other regions and will become available in the remaining Azure regions by end of Feb 2022.

Learn more.

  • Azure Kubernetes Service (AKS)
  • Features