diff --git a/src/charm.py b/src/charm.py
index 89b6df11..1458e3c3 100755
--- a/src/charm.py
+++ b/src/charm.py
@@ -194,6 +194,11 @@ class CephMonCharm(ops_openstack.core.OSBaseCharm):
         for relation in self.model.relations['admin']:
             hooks.admin_relation_joined(str(relation.id))
 
+    def on_rotate_key_action(self, event):
+        ops_actions.rotate_key.rotate_key(
+            event, self.framework.model
+        )
+
     def __init__(self, *args):
         super().__init__(*args)
         self._stored.is_started = True
@@ -231,7 +236,7 @@ class CephMonCharm(ops_openstack.core.OSBaseCharm):
         self._observe_action(self.on.list_entities_action,
                              ops_actions.list_entities.list_entities)
         self._observe_action(self.on.rotate_key_action,
-                             ops_actions.rotate_key.rotate_key)
+                             self.on_rotate_key_action)
 
         fw.observe(self.on.install, self.on_install)
         fw.observe(self.on.config_changed, self.on_config)
diff --git a/src/ops_actions/rotate_key.py b/src/ops_actions/rotate_key.py
index 68b14277..28592af9 100644
--- a/src/ops_actions/rotate_key.py
+++ b/src/ops_actions/rotate_key.py
@@ -75,7 +75,31 @@ def _restart_daemon(entity, event):
         raise
 
 
-def rotate_key(event) -> None:
+def _handle_rgw_key_rotation(entity, event, model):
+    rgw_name = entity[7:]   # Skip 'client.'
+    relations = model.relations.get('radosgw')
+    if not relations:
+        event.fail('No RadosGW relations found')
+        return
+
+    for relation in relations:
+        for unit in relation.units:
+            try:
+                data = relation.data
+                if data[unit]["key_name"] != rgw_name:
+                    continue
+            except KeyError:
+                logger.exception('key name not found in relation data bag')
+                continue
+
+            data[model.unit][rgw_name + "_key"] = _create_key(entity, event)
+            event.set_results({"message": "success"})
+            return
+
+    event.fail("Entity %s not found" % entity)
+
+
+def rotate_key(event, model=None) -> None:
     """Rotate the key of the specified entity."""
     entity = event.params.get("entity")
     if entity.startswith("mgr"):
@@ -99,5 +123,7 @@ def rotate_key(event) -> None:
         _replace_keyring_file(path, entity, key, event)
         _restart_daemon("ceph-mgr@%s.service" % entity[4:], event)
         event.set_results({"message": "success"})
+    elif entity.startswith('client.rgw.'):
+        _handle_rgw_key_rotation(entity, event, model)
     else:
         event.fail("Unknown entity: %s" % entity)