CustomerManagedKeyEncryption interface

Package:: @azure/arm-eventgrid

All Customer-managed key encryption properties for the resource.

Properties

keyEncryptionKeyIdentity	All identity configuration for Customer-managed key settings defining which identity should be used to auth to Key Vault. This is an optional property. When not specified, the SystemAssigned identity will be used.
keyEncryptionKeyStatus	The state of the Customer Managed Key (CMK) encryption. This is a read-only property which determines if the associated key is active and valid and used actively by runtime as expected. When the associated CMK becomes invalid (e.g., if it is deleted, or if versioned CMK is not current anymore), Event Grid Service will set this state to disabled to indicate that this key is not valid anymore and requires action from user.
keyEncryptionKeyStatusFriendlyDescription	Friendly description about the Customer Managed Key (CMK) encryption state. This is a read-only property which determines why the associated key is revoked which will help user to mitigate the issue and re-enable the CMK key.
keyEncryptionKeyUrl	Key encryption key URL. This URL can be either versioned (e.g., `https://contosovault.vault.azure.net/keys/contosokek/562a4bb76b524a1493a6afe8e536ee78`), or unversioned (e.g., `https://contosovault.vault.azure.net/keys/contosokek`. When versioned URL is used, this version of the key will be used by Event Grid Runtime even if it is rotated. It is user responsibility to update the URL with the new version by updating the namespace resource. When URL without version is used, Event Grid will query and get latest version and will be used automatically.

Property Details

keyEncryptionKeyIdentity

All identity configuration for Customer-managed key settings defining which identity should be used to auth to Key Vault. This is an optional property. When not specified, the SystemAssigned identity will be used.

keyEncryptionKeyIdentity?: KeyEncryptionKeyIdentity

Property Value

KeyEncryptionKeyIdentity

keyEncryptionKeyStatus

The state of the Customer Managed Key (CMK) encryption. This is a read-only property which determines if the associated key is active and valid and used actively by runtime as expected. When the associated CMK becomes invalid (e.g., if it is deleted, or if versioned CMK is not current anymore), Event Grid Service will set this state to disabled to indicate that this key is not valid anymore and requires action from user.

keyEncryptionKeyStatus?: string

Property Value

string

keyEncryptionKeyStatusFriendlyDescription

Friendly description about the Customer Managed Key (CMK) encryption state. This is a read-only property which determines why the associated key is revoked which will help user to mitigate the issue and re-enable the CMK key.

keyEncryptionKeyStatusFriendlyDescription?: string

Property Value

string

keyEncryptionKeyUrl

Key encryption key URL. This URL can be either versioned (e.g., https://contosovault.vault.azure.net/keys/contosokek/562a4bb76b524a1493a6afe8e536ee78), or unversioned (e.g., https://contosovault.vault.azure.net/keys/contosokek. When versioned URL is used, this version of the key will be used by Event Grid Runtime even if it is rotated. It is user responsibility to update the URL with the new version by updating the namespace resource. When URL without version is used, Event Grid will query and get latest version and will be used automatically.

keyEncryptionKeyUrl: string

Property Value

string

Feedback

Was this page helpful?