Nota
L-aċċess għal din il-paġna jeħtieġ l-awtorizzazzjoni. Tista’ tipprova tidħol jew tibdel id-direttorji.
L-aċċess għal din il-paġna jeħtieġ l-awtorizzazzjoni. Tista’ tipprova tibdel id-direttorji.
Learn about error messages and resolutions you can encounter when configuring and managing customer-managed key for Azure NetApp Files volume encryption.
Errors configuring customer-managed key encryption on a NetApp account
| Error Condition | Resolution |
|---|---|
The operation failed because the specified key vault key was not found |
When entering key URI manually, ensure that the URI is correct. |
Azure Key Vault key is not a valid RSA key |
Ensure that the selected key is of type RSA. |
Azure Key Vault key is not enabled |
Ensure that the selected key is enabled. |
Azure Key Vault key is expired |
Ensure that the selected key is valid. |
Azure Key Vault key has not been activated |
Ensure that the selected key is active. |
Key Vault URI is invalid |
When entering key URI manually, ensure that the URI is correct. |
Azure Key Vault is not recoverable. Make sure that Soft-delete and Purge protection are both enabled on the Azure Key Vault |
Update the key vault recovery level to: “Recoverable/Recoverable+ProtectedSubscription/CustomizedRecoverable/CustomizedRecoverable+ProtectedSubscription” |
Account must be in the same region as the Vault |
Ensure the key vault is in the same region as the NetApp account. |
Errors creating a volume encrypted with customer-managed keys
| Error Condition | Resolution |
|---|---|
Volume cannot be encrypted with Microsoft.KeyVault, NetAppAccount has not been configured with KeyVault encryption |
Customer-managed key encryption isn't enabled on your NetApp account. Configure the NetApp account to use customer-managed keys. |
EncryptionKeySource cannot be changed |
No resolution: the EncryptionKeySource property of a volume can't be changed. |
Unable to use the configured encryption key, please check if key is active |
Check that: -Are all access policies correct on the key vault: Get, Encrypt, Decrypt? -Does a private endpoint for the key vault exist? -Is there a Virtual Network NAT in the VNet, with the delegated Azure NetApp Files subnet enabled? |
Could not connect to the KeyVault |
Ensure that the private endpoint is set up correctly and the firewalls aren't blocking the connection from your Virtual Network to your KeyVault. |