Shouldn't the dependency to Azure Key Vault for data protection be refactored as such, so that a "provider" loads the required keys for data protection - no matter where they are loaded from? Because such keys can also be provided by other means. Especially in an on-premise or even air-gaped scenario, Azure Key Vault is not accessible.
Question
Shouldn't the dependency to Azure Key Vault for data protection be refactored as such, so that a "provider" loads the required keys for data protection - no matter where they are loaded from? Because such keys can also be provided by other means. Especially in an on-premise or even air-gaped scenario, Azure Key Vault is not accessible.