Data residency and resiliency for Azure Stack Edge
APPLIES TO: Azure Stack Edge Pro - GPUAzure Stack Edge Pro 2Azure Stack Edge Pro RAzure Stack Edge Mini R
This article describes the information that you need to help understand the data residency and resiliency behavior for Azure Stack Edge and how to enable data residency in the service.
About data residency for Azure Stack Edge
Azure Stack Edge services uses Azure Regional Pairs when storing and processing customer data in all the geos where the service is available. For the Southeast Asia (Singapore) region, the service is currently paired with Hong Kong. The Azure region pairing implies that any data stored in Singapore is replicated in Hong Kong. Singapore has laws in place that require that the customer data not leave the country boundaries.
To ensure that the customer data resides in a single region only, a new option is enabled in the Azure Stack Edge service. This option when selected, lets the service store and process the customer data only in Singapore region. The customer data is not replicated to Hong Kong. There is service-specific metadata (which is not sensitive data) that is still replicated to the paired region.
With this option enabled, the service is resilient to zone-wide outages, but not to region-wide outages. If region-wide outages are important for you, then you should select the regional pair based replication.
The single region data residency option is available only for Southeast Asia (Singapore). For all other regions, Azure Stack Edge stores and processes customer data in the customer-specified geo.
The data residency posture of the Azure Stack Edge services can be summarized for the following aspects of the service:
- Existing Azure Stack Edge ordering and management service.
- New Azure Edge Hardware Center that will be used for new orders going forward.
Azure Stack Edge service also integrates with the following dependent services and their behavior is also summarized:
- Azure Arc-enabled Kubernetes
- Azure IoT Hub and Azure IoT Edge
- If you provide a support package with a crash dump for the Azure Stack Edge device, it can contain End User Identifiable Information (EUII) or End User Pseudonymous Information (EUPI) which will be processed and stored outside South East Asia.
Azure Stack Edge classic ordering and management resource
If you are using the classic experience to place an order for Azure Stack Edge, the service currently uses Azure Regional Pair to implement data resiliency against region-wide outages. For existing Azure Stack Edge resources in Singapore, the data is replicated to Hong Kong.
If you are creating a new Azure Stack Edge resource, you have the option to enable data residency only in Singapore. When this option is selected, data is not replicated to Hong Kong. If there is a region-wide service outage, you have two options:
Wait for the Singapore region to be restored.
Create a resource in another region, reset the device, and manage your device via the new resource. For detailed instructions, see Reset and reactivate your Azure Stack Edge device.
Azure Edge Hardware Center ordering and management resource
The new Azure Edge Hardware Center service is now available and allows you to create and manage Azure Stack Edge resources. When placing an order in Southeast Asia region, you can select the option to have your data resides only within Singapore and not be replicated.
In the event of region-wide outages, you won’t be able to access the order resources. You will not be able to return, cancel, or delete the resources. If you request for updates on your order status or need to initiate a device return urgently during the service outage, Microsoft Support will handle those requests.
For detailed instructions, see Create an order via the Azure Edge Hardware Center.
Azure Stack Edge dependent services
Azure Arc-enabled Kubernetes, Azure IoT Hub and Azure IoT Edge, and Azure Key Vault are services that integrate with Azure Stack Edge.
Azure Arc-enabled Kubernetes
Azure Arc-enabled Kubernetes is available as an add-on for Azure Stack Edge. For Singapore (Southeast Asia), Azure Arc data resides only within Singapore and is not replicated in Hong Kong.
Azure IoT is available as an add-on for Azure Stack Edge. For Singapore (Southeast Asia), Azure IoT uses paired region and replicates data to Hong Kong. This means that Azure IoT is resilient to region-wide outages.
- Learn more about Azure data residency requirements.