Skip to content

Commit ea2f718

Browse files
GennadNYGennadNY
committed
Update concepts-data-encryption.md
1 parent ced2463 commit ea2f718

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

articles/postgresql/flexible-server/concepts-data-encryption.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -153,7 +153,7 @@ Avoid issues while setting up customer-managed data encryption during restore or
153153

154154
**Hardware security modules (HSMs)** are hardened, tamper-resistant hardware devices that secure cryptographic processes by generating, protecting, and managing keys used for encrypting and decrypting data and creating digital signatures and certificates. HSMs are tested, validated and certified to the highest security standards including FIPS 140-2 and Common Criteria. Azure Key Vault Managed HSM (Hardware Security Module) is a fully managed, highly available, single-tenant, standards-compliant cloud service that enables you to safeguard cryptographic keys for your cloud applications, using FIPS 140-2 Level 3 validated HSMs.
155155

156-
You can pick Azure Key Vault Managed HSM as key store when creating new PostgreSQL Flexible Server in Azure Portal with Customer Managed Key (CMK) feature. The prerequisites in terms of user defined identity and permissions are same as with Azure Key Vault, as already listed [above](#requirements-for-configuring-data-encryption-for-azure-database-for-postgresql-flexible-server). More information on how to create Azure Key Vault Managed HSM and import keys to it is available [here](../../key-vault/managed-hsm/overview.md).
156+
You can pick **Azure Key Vault Managed HSM** as key store when creating new PostgreSQL Flexible Server in Azure Portal with Customer Managed Key (CMK) feature, as alternative to **Azure Key Vault**. The prerequisites in terms of user defined identity and permissions are same as with Azure Key Vault, as already listed [above](#requirements-for-configuring-data-encryption-for-azure-database-for-postgresql-flexible-server). More information on how to create Azure Key Vault Managed HSM, its advantages and differences with shared Azure Key Vault based certificate store, as well as how to import keys into AKV Managed HSM is available [here](../../key-vault/managed-hsm/overview.md).
157157

158158
## Inaccessible customer-managed key condition
159159

0 commit comments

Comments
 (0)