[Eng]: [Cosmos DB][ClientEncryption] Fix New/Update AzCosmosDbClientEncryptionKey to validate key which is passed as part of KeyWrapMetadata

Azure / azure-powershell

Microsoft Azure PowerShell

Other

4.21k stars 3.81k forks source link

[Eng]: [Cosmos DB][ClientEncryption] Fix New/Update AzCosmosDbClientEncryptionKey to validate key which is passed as part of KeyWrapMetadata #24776

Open kr-santosh opened 4 months ago

kr-santosh commented 4 months ago

Description

Currently we don't validate if the user has passed the complete key along with Key identifier which later causes issue during key rotation during rewrap since latest key version is picked up instead of the version actually used to wrap it.

microsoft-github-policy-service[bot] commented 1 month ago

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @pjohari-ms, @kushagraThapar, @simplynaveen20.