You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
2. Select the **Key Permissions** select **Get**, **Wrap**, **Unwrap** and the **Principal** which is the name of the MySQL server. If your server principal can't be found in the list of existing principals, you will need to register it by attempting to setup Data Encryption for the first time which will fail.
42
+
2. Select the **Key Permissions** select **Get**, **Wrap**, **Unwrap** and the **Principal**, which is the name of the MySQL server. If your server principal can't be found in the list of existing principals, you will need to register it by attempting to set up Data Encryption for the first time, which will fail.
@@ -59,7 +59,7 @@ In this article, you will learn how to set up and manage to use the Azure portal
59
59
60
60
4. To ensure all files (including **temp files**) are full encrypted, a server **restart** is **required**.
61
61
62
-
## Restoring or creating replica of the server which has Data Encryption enabled
62
+
## Restoring or creating replica of the server, which has Data Encryption enabled
63
63
64
64
Once an Azure Database for MySQL is encrypted with customer's managed key stored in the Key Vault, any newly created copy of the server either though local or geo-restore operation or a replica (local/cross-region) operation. So for an encrypted MySQL server, you can follow the steps below to create an encrypted restored server.
65
65
@@ -78,7 +78,7 @@ Once an Azure Database for MySQL is encrypted with customer's managed key stored
78
78
3. To fix Inaccessible state, you need to revalidate the key on the restored server. Click on the **Data Encryption** blade and then the **Revalidate key** button.
79
79
80
80
> [!NOTE]
81
-
> The first attempt to revalidate will fail since the new server's service principal needs to be given access to the key vault. To generate the service principal click on **Revalidate key** which will give error but generates the service principal. Thereafter, refer to steps [in section 2](https://docs.microsoft.com/azure/mysql/howto-data-encryption-portal#setting-the-right-permissions-for-key-operations) above.
81
+
> The first attempt to revalidate will fail since the new server's service principal needs to be given access to the key vault. To generate the service principal click on **Revalidate key**, which will give error but generates the service principal. Thereafter, refer to steps [in section 2](https://docs.microsoft.com/azure/mysql/howto-data-encryption-portal#setting-the-right-permissions-for-key-operations) above.
Copy file name to clipboardExpand all lines: articles/postgresql/howto-data-encryption-portal.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -12,7 +12,7 @@ ms.date: 01/10/2020
12
12
13
13
In this article, you will learn how to set up and manage to use the Azure portal to set up Data Encryption for your Azure Database for PostgreSQL Single server.
14
14
15
-
## Prerequisites for Cli
15
+
## Prerequisites for CLI
16
16
17
17
* You must have an Azure subscription and be an administrator on that subscription.
18
18
* Create an Azure Key Vault and Key to use for customer-managed key.
@@ -40,7 +40,7 @@ In this article, you will learn how to set up and manage to use the Azure portal
2. Under the **Key Permissions** select **Get**, **Wrap**, **Unwrap** and the **Principal** which is the name of the PostgreSQL server. If your server principal can't be found in the list of existing principals, you will need to register it by attempting to setup Data Encryption for the first time which will fail.
43
+
2. Under the **Key Permissions** select **Get**, **Wrap**, **Unwrap** and the **Principal**, which is the name of the PostgreSQL server. If your server principal can't be found in the list of existing principals, you will need to register it by attempting to set up Data Encryption for the first time, which will fail.
@@ -60,7 +60,7 @@ In this article, you will learn how to set up and manage to use the Azure portal
60
60
61
61
4. To ensure all files (including **temp files**) are full encrypted, a server **restart** is **required**.
62
62
63
-
## Restoring or creating replica of the server which has data encryption enabled
63
+
## Restoring or creating replica of the server, which has data encryption enabled
64
64
65
65
Once an Azure Database for PostgreSQL Single server is encrypted with customer's managed key stored in the Key Vault, any newly created copy of the server either though local or geo-restore operation or a replica (local/cross-region) operation. So for an encrypted PostgreSQL server, you can follow the steps below to create an encrypted restored server.
66
66
@@ -80,7 +80,7 @@ Once an Azure Database for PostgreSQL Single server is encrypted with customer's
80
80
3. To fix Inaccessible state, you need to revalidate the key on the restored server. Click on the **Data Encryption** blade and then the **Revalidate key** button.
81
81
82
82
> [!NOTE]
83
-
> The first attempt to revalidate will fail since the new server's service principal needs to be given access to the key vault. To generate the service principal click on **Revalidate key** which will give error but generates the service principal. Thereafter, refer to steps [in section 2](https://docs.microsoft.com/azure/postgresql/howto-data-encryption-portal#setting-the-right-permissions-for-key-operations) above.
83
+
> The first attempt to revalidate will fail since the new server's service principal needs to be given access to the key vault. To generate the service principal click on **Revalidate key**, which will give error but generates the service principal. Thereafter, refer to steps [in section 2](https://docs.microsoft.com/azure/postgresql/howto-data-encryption-portal#setting-the-right-permissions-for-key-operations) above.
0 commit comments