![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 74%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,448 questions
There is no provision for customers to request Microsoft to disable Azure Microsoft-Managed Keys or Service-Managed Keys. These keys are managed entirely by Microsoft and cannot be modified or disabled by customers. However, customers can use Customer-Managed Keys (CMK) to have more control over their data encryption. CMK allows customers to manage their own encryption keys, which can be rotated or revoked as needed. Using CMK can provide additional controls for data security and compliance. In terms of inherent disadvantages, Microsoft-Managed Keys and Service-Managed Keys may not provide the same level of control and customization as CMK. However, they can still provide strong encryption for data at rest without the added complexity of managing encryption keys.
References:
- Use customer-managed keys with Azure Machine Learning
- Configure customer-managed keys for your Azure Cosmos DB account with Azure Key Vault - Frequently asked questions
- Implement encryption with Customer-Managed Keys in Microsoft Cloud for Sovereignty - Select data encryption features
- Configure customer-managed keys for Azure Load Testing with Azure Key Vault - Frequently asked questions
- Customer-managed keys for Azure managed disks