Skip to content

Commit 094b867

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #268764 from gahl-levy/patch-73
Update database-encryption-at-rest.md
2 parents 89b1b49 + e53792a commit 094b867

File tree

1 file changed

+6
-2
lines changed

1 file changed

+6
-2
lines changed

articles/cosmos-db/mongodb/vcore/database-encryption-at-rest.md

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ author: khelanmodi
55
ms.author: khelanmodi
66
ms.service: cosmos-db
77
ms.topic: conceptual
8-
ms.date: 11/30/2023
8+
ms.date: 03/12/2024
99
---
1010

1111
# Data encryption in Azure Cosmos DB for MongoDB vCore
@@ -16,7 +16,7 @@ ms.date: 11/30/2023
1616

1717
As a platform as a service (PaaS), Azure Cosmos DB is easy to use. Because all user data stored in Azure Cosmos DB is encrypted at rest and in transport, you don't have to take any action. In other words, encryption at rest is "on" by default. There are no controls to turn it off or on. Azure Cosmos DB uses AES-256 encryption on all regions where the account is running.
1818

19-
We provide this feature while we continue to meet our [availability and performance service-level agreements (SLAs)](https://azure.microsoft.com/support/legal/sla/cosmos-db). Data stored in your Azure Cosmos DB account is automatically and seamlessly encrypted with keys managed by Microsoft (service-managed keys).
19+
We provide this feature while we continue to meet our [availability and performance service-level agreements (SLAs)](https://azure.microsoft.com/support/legal/sla/cosmos-db). Data stored in your Azure Cosmos DB account is automatically and seamlessly encrypted with keys managed by Microsoft (service-managed keys). Customer managed keys (CMK) encryption will be released in the second half of 2024.
2020

2121
## Implementation of encryption at rest for Azure Cosmos DB
2222

@@ -41,6 +41,10 @@ Find answers to commonly asked questions about encryption.
4141

4242
There's no extra cost.
4343

44+
### Can I encrypt my data with customer managed keys (CMK)?
45+
46+
This feature is coming to the service in the second half of 2024.
47+
4448
### How often are encryption keys rotated?
4549

4650
Microsoft has a set of internal guidelines for encryption key rotation, which Azure Cosmos DB follows. The specific guidelines aren't published. Microsoft does publish the [Security Development Lifecycle](https://www.microsoft.com/sdl/default.aspx), which is seen as a subset of internal guidance and has useful best practices for developers.

0 commit comments

Comments
 (0)