Azure Key Vault - Key Hierarchy
José Miguel Lopez Becerra
6
Reputation points
Does AKV support key hierarchy?
Say I have the BYOK approach where the customer key is at the very top of the hierarchy. And I want to use it to wrap other keys stored in AKV (say these other keys would be on Level 2, I should have full control of them, and be protected by the root key).
Is that possible?
Something similar to the picture.
The reason: We need the BYOK approach. And (like in the picture), we would like to grant "Account Key" to some resource, but without giving direct access to the root key.