search

MicrosoftDocs / azure-docs

Open source documentation of Microsoft Azure
https://docs.microsoft.com/azure
Creative Commons Attribution 4.0 International
10.26k stars 21.43k forks source link

Data encryption: assigning Key identifier to the newest/current version of encryption key automatically #120552

Closed mrszop closed 7 months ago

mrszop commented 7 months ago

About "Azure Database for PostgreSQL - Flexible Server data encryption with a customer-managed key"

Is it possible to update the key identifier automatically after a key rotation took place? In the current situation we have to use the Azure Portal/UI and point the key identifier to the newest version (called current) of our encryption key in the Azure Key Vault. This is kind of tedious because we have to do it manually or run at least once our Terraform pipeline and also against compliance rules. Is there a way/ solution to automate this behaviour completely?

I've also tried to use Terraform with versionless_id, but this won't work since the key identifier expects following format: Key identifier should be in the format of: "https://{keyvaultname}.vault.azure.net/keys/{keyname}/{versionguid}"

Cheers

psqlflexkeyman

Document Details

Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.

SaibabaBalapur-MSFT commented 7 months ago

@mrszop Thanks for your feedback! We will investigate and update as appropriate.

AjayBathini-MSFT commented 7 months ago

@mrszop

Thank you for your feedback! I'd recommend working closer with our support team via an [Azure support request] (https://docs.microsoft.com/en-us/azure/azure-portal/supportability/how-to-create-azure-support-request). Or you can leverage our Q&A forum by posting your issue there so our community, and MVPs can further assist you in troubleshooting this issue or finding potential workarounds. [Teams Q&A forum] (https://docs.microsoft.com/en-us/answers/topics/46488/office-teams-windows-itpro.html) for technical questions about the configuration and administration of Microsoft Teams on Windows. [Microsoft Teams Community forum] (https://answers.microsoft.com/en-us/msteams/forum?sort=LastReplyDate&dir=Desc&tab=All&status=all&mod=&modAge=&advFil=&postedAfter=&postedBefore=&threadType=All&isFilterExpanded=false&page=1) Thank you for your time and patience throughout this issue.