application gateway and encryption aks

Sebastian Pacheco 136 Reputation points
2022-03-11T17:43:25.013+00:00

I have 2 very simple questions, but I don't know them.

1.- How do I know which version (v1 or v2) of application gateway I have configured? It just says: SKU: Standard

2.- AKS uses "encryption at-rest with a platform-managed key" by default, but this is based on a symmetric or asymmetric algorithm and uses some encryption algorithm (DES, 3DES, AES....)

Thank you very much.

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
973 questions
0 comments No comments
{count} votes

Accepted answer
  1. GitaraniSharma-MSFT 48,016 Reputation points Microsoft Employee
    2022-03-11T18:07:50.14+00:00

    Hello @Sebastian Pacheco ,

    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    Please find the answers to your queries below:

    How do I know which version (v1 or v2) of application gateway I have configured? It just says: SKU: Standard

    Standard/WAF is v1 SKU App gateway. Standard v2/WAF v2 is v2 SKU App gateway.
    You can see the same while creating an Application gateway as below:

    182330-image.png

    AKS uses "encryption at-rest with a platform-managed key" by default, but this is based on a symmetric or asymmetric algorithm and uses some encryption algorithm (DES, 3DES, AES....)

    The Encryption at Rest designs in Azure uses symmetric encryption to encrypt and decrypt large amounts of data. Data in Azure managed disks is encrypted transparently using 256-bit AES encryption, one of the strongest block ciphers available, and is FIPS 140-2 compliant.

    For more information on encryption at-rest with a platform-managed key, please refer the below docs:
    https://learn.microsoft.com/en-us/azure/aks/enable-host-encryption
    https://learn.microsoft.com/en-us/azure/security/fundamentals/encryption-atrest
    https://learn.microsoft.com/en-us/azure/virtual-machines/disk-encryption

    Kindly let us know if the above helps or you need further assistance on this issue.

    ----------------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


0 additional answers

Sort by: Most helpful