You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/reliability/reliability-key-vault.md
+8-5Lines changed: 8 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -56,7 +56,7 @@ If you're using Key Vault in high-throughput scenarios, consider distributing yo
56
56
57
57
Azure Key Vault automatically leverages availability zones in regions where they're available, providing high availability within a region without requiring any specific configuration from customers.
58
58
59
-
The service is designed to be resilient to zone failures without any specific configuration required by customers. Key Vault automatically manages the redundancy across availability zones in regions where zones are available.
59
+
The service is designed to be resilient to zone failures without any specific configuration required by customers. Key Vault automatically manages the redundancy across availability zones in regions where zones are available. For more information, see [Failover within a region](/azure/key-vault/general/disaster-recovery-guidance#failover-within-a-region) in the Key Vault availability and redundancy documentation.
60
60
61
61
### Region support
62
62
@@ -117,6 +117,8 @@ Exceptions to cross-region replication include:
117
117
118
118
When you create key vaults in these regions, they aren't replicated across regions.
119
119
120
+
For detailed information about how Key Vault replicates data across regions, see [Data replication](/azure/key-vault/general/disaster-recovery-guidance#data-replication) in the Key Vault availability and redundancy guide.
121
+
120
122
### Region support
121
123
122
124
Key Vault's multi-region capabilities depend on Azure region pairs. The replication is only supported between designated paired regions. For more information about Azure region pairs, see [Azure paired regions](/azure/reliability/cross-region-replication-azure).
@@ -156,6 +158,8 @@ There are no additional costs for the built-in multi-region replication capabili
156
158
157
159
-**Traffic rerouting:** In the event of a region failover, requests are automatically routed to the paired region without requiring any customer intervention.
158
160
161
+
For a complete description of the failover process and behavior, see [Failover across regions](/azure/key-vault/general/disaster-recovery-guidance#failover-across-regions) in the Key Vault availability and redundancy guide.
162
+
159
163
### Failback
160
164
161
165
When the primary region becomes available again, Azure Key Vault automatically fails back operations to that region. This process is fully managed by the Azure platform and doesn't require any customer intervention.
@@ -170,8 +174,7 @@ If you need a multi-region strategy for regions that don't support cross-region
170
174
2. Using the backup and restore functionality to maintain consistent secrets across regions
171
175
3. Implementing application-level logic to failover between key vaults
172
176
173
-
For example approaches to multi-region architectures, see:
174
-
-[Highly available multi-region web application](/azure/architecture/web-apps/app-service/architectures/multi-region)
177
+
For example approaches to multi-region architectures, see [Highly available multi-region web application](/azure/architecture/web-apps/app-service/architectures/multi-region).
175
178
176
179
## Backups
177
180
@@ -186,7 +189,7 @@ Key points about the backup functionality:
186
189
187
190
> For most solutions, you shouldn't rely exclusively on backups. Instead, use the other capabilities described in this guide to support your resiliency requirements. However, backups protect against some risks that other approaches don't, such as accidental deletion of specific secrets.
188
191
189
-
For detailed instructions on how to back up and restore Key Vault objects, see [Azure Key Vault backup](/azure/key-vault/general/backup).
192
+
For detailed instructions on how to back up and restore Key Vault objects, see [Azure Key Vault backup](/azure/key-vault/general/backup). For guidance on when to use backups, see [When to use backups](/azure/key-vault/general/backup#when-to-use-backups), and for important limitations, refer to [Backup limitations](/azure/key-vault/general/backup#limitations).
190
193
191
194
## Recovery features
192
195
@@ -196,7 +199,7 @@ Azure Key Vault provides two key recovery features to prevent accidental or mali
196
199
197
200
2.**Purge protection:** When enabled, purge protection prevents permanent deletion of your key vault and its objects until the retention period elapses. This prevents malicious actors from permanently destroying your secrets.
198
201
199
-
Both features are strongly recommended for production environments. For more information, see [Azure Key Vault recovery management with softdelete and purge protection](/azure/key-vault/general/key-vault-recovery).
202
+
Both features are strongly recommended for production environments. For a detailed explanation of these features, see [What are soft-delete and purge protection](/azure/key-vault/general/key-vault-recovery#what-are-soft-delete-and-purge-protection) in the Key Vault recovery management documentation.
0 commit comments