Skip to content

Commit 3a04147

Browse files
jackrichinsjackrichins
committed
Clarify which services support bring your own storage account
1 parent 7a7f677 commit 3a04147

File tree

1 file changed

+10
-5
lines changed

1 file changed

+10
-5
lines changed

articles/security/fundamentals/encryption-atrest.md

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -278,7 +278,7 @@ Client-side encryption of Azure SQL Database data is supported through the [Alwa
278278
| Azure Data Catalog | Yes | - | - |
279279
| Azure HDInsight | Yes | All | - |
280280
| Azure Monitor Application Insights | Yes | Yes | - |
281-
| Azure Monitor Log Analytics | Yes | Yes | - |
281+
| Azure Monitor Log Analytics | Yes | Yes | - |
282282
| Azure Data Explorer | Yes | Yes | - |
283283
| Azure Data Factory | Yes | Yes | - |
284284
| Azure Data Lake Store | Yes | Yes, RSA 2048-bit | - |
@@ -290,11 +290,12 @@ Client-side encryption of Azure SQL Database data is supported through the [Alwa
290290
| Virtual Machines | Yes | Yes, RSA 2048-bit | - |
291291
| Virtual Machine Scale Set | Yes | Yes, RSA 2048-bit | - |
292292
| SAP HANA | Yes | Yes, RSA 2048-bit | - |
293-
| App Service | Yes | Yes | - |
294-
| Automation | Yes | Yes | - |
295-
| Azure Portal | Yes | Yes | - |
293+
| App Service | Yes | Yes\*\* | - |
294+
| Automation | Yes | Yes\*\* | - |
295+
| Azure Functions | Yes | Yes\*\* | - |
296+
| Azure Portal | Yes | Yes\*\* | - |
296297
| Logic Apps | Yes | Yes | - |
297-
| Azure Managed Applications | Yes | Yes | - |
298+
| Azure Managed Applications | Yes | Yes\*\* | - |
298299
| Service Bus | Yes | Yes | - |
299300
| Site Recovery | Yes | Yes | - |
300301
| **Databases** | | | |
@@ -308,6 +309,7 @@ Client-side encryption of Azure SQL Database data is supported through the [Alwa
308309
| Table Storage | Yes | Yes | Yes |
309310
| Azure Cosmos DB | Yes | Yes | - |
310311
| Azure Databricks | Yes | Yes | - |
312+
| Azure Database Migration Service | Yes | N/A\* | - |
311313
| **DevOps** | | | |
312314
| Azure DevOps Services | Yes | - | Yes |
313315
| Azure Repos | Yes | - | Yes |
@@ -340,6 +342,7 @@ Client-side encryption of Azure SQL Database data is supported through the [Alwa
340342
| File Sync | Yes | Yes, RSA 2048-bit | - |
341343
| Queue Storage | Yes | Yes | Yes |
342344
| Avere vFXT | Yes | - | - |
345+
| Azure Cache for Redis | Yes | N/A\* | - |
343346
| Azure NetApp Files | Yes | Yes | - |
344347
| Archive Storage | Yes | Yes, RSA 2048-bit | - |
345348
| StorSimple | Yes | Yes, RSA 2048-bit | Yes |
@@ -349,6 +352,8 @@ Client-side encryption of Azure SQL Database data is supported through the [Alwa
349352

350353
\* This service doesn't persist data. Transient caches, if any, are encrypted with a Microsoft key.
351354

355+
\*\* This service supports storing data in your own Key Vault, Storage Account, or other data persisting service that already supports Server-Side Encryption with Customer-Managed Key.
356+
352357
## Conclusion
353358

354359
Protection of customer data stored within Azure Services is of paramount importance to Microsoft. All Azure hosted services are committed to providing Encryption at Rest options. Azure services support either service-managed keys, customer-managed keys, or client-side encryption. Azure services are broadly enhancing Encryption at Rest availability and new options are planned for preview and general availability in the upcoming months.

0 commit comments

Comments
 (0)