Run Azure Resource Graph API daily by using Azure Functions TimerTrigger to check App Service Certificate status. If a certificate that is about to expire is found, alert notification will send using Azure Monitor
-
Enable Managed Identity for Function App
-
Assign Subscription's built in Reader Role to above id.
-
Edit AppSettings of Function App
subscriptionId
: target subscription to checkexpireThreshold
: expire threshold days, default 90
-
Setup Azure Monitor log alert