From d907b26ef914b774c0987e869a616fe68aaec56f Mon Sep 17 00:00:00 2001 From: niro2-1 Date: Mon, 1 Jun 2026 17:47:33 +0300 Subject: [PATCH] Document secret-key rotation procedure --- docs/secret-key-rotation.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 docs/secret-key-rotation.md diff --git a/docs/secret-key-rotation.md b/docs/secret-key-rotation.md new file mode 100644 index 0000000..681e43d --- /dev/null +++ b/docs/secret-key-rotation.md @@ -0,0 +1,17 @@ +# Secret-Key Rotation Procedure + +## Overview +Secret-key rotation is essential for maintaining security in applications. This document outlines the procedure for rotating secret keys. + +## Steps for Rotation +1. **Identify the Key**: Determine which secret key needs to be rotated. +2. **Generate New Key**: Create a new secret key using a secure method. +3. **Update Configuration**: Replace the old key in the application configuration. +4. **Deploy Changes**: Deploy the application with the updated configuration. +5. **Test**: Ensure that the application functions correctly with the new key. +6. **Revoke Old Key**: Once confirmed, revoke the old key to prevent its use. + +## Best Practices +- Regularly schedule key rotations. +- Use automated tools to manage keys where possible. +- Monitor usage of keys to detect any unauthorized access. \ No newline at end of file
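Review bot: In "Steps for Rotation", step 3 ("Replace the old key in the application configuration") swaps the key outright while step 6 revokes the old one only after testing, and nothing in between says whether the application accepts both keys during that window or what happens to data, sessions or tokens still protected by the old key. Suggest adding an explicit overlap step, in which the new key becomes primary and the old key is kept for verification or decryption only until step 6, plus a rollback step for the case where step 5 fails. Step 2's "using a secure method" is too vague to follow: name the generator and the minimum key length the project expects, and say where the new key is stored so it does not end up in committed configuration. The "Best Practices" bullets would be more actionable with a concrete rotation interval and an owner, and a pointer to what "monitor usage" means here (which log or metric shows use of a revoked key). Minor: the new file has no trailing newline.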