Share via

Azure Java SDK - Programmatically create encryption scope for an existing storage account

PR 1 Reputation point
2022-12-14T12:12:49.86+00:00

For an existing storage account, I would like to create an encryption scope. I checked out Azure documentation but only found REST way of creating it (https://learn.microsoft.com/en-us/rest/api/storagerp/encryption-scopes/put?tabs=HTTP)

I couldn't find references for programmatically handling encryption scopes. Could you please share how we achieve this.

Azure Storage
Azure Storage
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
3,529 questions
0 comments

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. SaiKishor-MSFT 17,336 Reputation points
    2022-12-15T08:01:42.907+00:00

    @PR Thanks for reaching out to Microsoft Q&A. I understand that you are looking for assistance in regard to creating encryption scope for an existing storage account.

    You should be able to do that using the following method- https://learn.microsoft.com/en-us/java/api/com.azure.storage.blob.specialized.cryptography.encryptedblobclientbuilder?view=azure-java-stable#com-azure-storage-blob-specialized-cryptography-encryptedblobclientbuilder-encryptionscope(java-lang-string)

    public EncryptedBlobClientBuilder encryptionScope(String encryptionScope)

    Sets the encryption scope that is used to encrypt blob contents on the server.

    Parameters:

    encryptionScope - Encryption scope containing the encryption key information.
    Returns:

    the updated EncryptedBlobClientBuilder object

    Is this what you are looking for? Please let us know if you have any more questions and we will be glad to assist you further. Thank you!

    Remember:

    Please accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer. Here is how.

    Want a reminder to come back and check responses? Here is how to subscribe to a notification.

    0 comments
  2. PR 1 Reputation point
    2022-12-19T11:09:01.09+00:00

    @SaiKishor-MSFT Thanks for responding.

    EncryptedBlobClientBuilder encryptionScope(String encryptionScope)

    But I believe before this, first encryption scope needs to be created and only then the name can be passed here. My question is, how to get encryption scope created in the first place programmatically. whatever we are achieving in the below dialog, I want to do it programmatically. Could you please help with some references for both Microsoft managed and Customer managed.

    272101-image.png

    0 comments
  3. PR 1 Reputation point
    2022-12-20T08:48:53.333+00:00

    Can someone please help with this.

    0 comments
  4. SaiKishor-MSFT 17,336 Reputation points
    2023-01-18T07:59:47.6166667+00:00

    @PR Management of encryption scopes falls under the ARM/SRP package (com.azure.resourcemanager:azure-resourcemanager-storage). See:

    Does this help? Please let me know if you need any further help and I will be glad to help. Thank you!

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.