You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/azure-monitor/platform/customer-managed-keys.md
+2-7Lines changed: 2 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -241,10 +241,7 @@ It takes a few minutes until the *Cluster* resource is propagated in
241
241
242
242
### Update Cluster resource with Key identifier details
243
243
244
-
Update the *Cluster* resource with Key Vault *Key identifier* details, to allow Azure Monitor Storage to use the new key version. Select the current version of your key in Azure Key Vault to get the Key identifier details.
245
-
246
-
> [!Important]
247
-
> This step applies to future key version updates in your Key Vault. In such updates, you should repeat this step and update the *Cluster* resource with the Key Vault *Key identifier* details, since your previous key won’t be accessible by Azure Monitor Storage about 15 minutes after the key version update in your Key Vault.
244
+
This step applies following future key version updates in your Key Vault. Update the *Cluster* resource with Key Vault *Key identifier* details, to allow Azure Monitor Storage to use the new key version. Select the current version of your key in Azure Key Vault to get the Key identifier details.
@@ -421,7 +418,7 @@ the new Azure Key Vault Key version. To update Azure Monitor with your
421
418
new key version, follow the instructions in "Update *Cluster* resource
422
419
with *Key identifier* details" step.
423
420
424
-
If you rotate your key in Key Vault and don't update the new version in Azure Monitor shortly after, the key won't be accessible by Azure Monitor Storage.
421
+
If you update your key in Key Vault and don't update the new *Key identifier* details in the *Cluster* resource*, Azure Monitor Storage will keep using your previous key.
425
422
426
423
## Limitations and constraints
427
424
@@ -435,8 +432,6 @@ If you rotate your key in Key Vault and don't update the new version in Azure Mo
435
432
ADX cluster provisioning was fulfilled. Data that is sent prior to
436
433
this provisioning will be dropped and won't be recoverable.
437
434
438
-
- Updating your key in Key Vault requires that you update the *Cluster* resource with the Key Vault *Key identifier* details, since your previous key won't be accessible by Azure Monitor Storage in about 15 minutes after the key version update.
439
-
440
435
- CMK encryption applies to newly ingested data after the CMK
441
436
configuration. Data that was ingested prior to the CMK
442
437
configuration, remained encrypted with Microsoft key. You can query
0 commit comments