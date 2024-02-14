Azure's Enterprise Tier Cache embraces Customer Managed Keys for encryption, promising enhanced data security and user control. This development guarantees that Redis persistence or export features generate RDB or AOF files encrypted at rest with a customer-controlled key, ensuring compliance and robust security.

Azure's Enterprise Tier Cache: A New Era of Encryption

Effective immediately, Azure's Enterprise and Enterprise Flash tier caches have integrated support for Customer Managed Keys (CMK) to encrypt operating systems and persistence disks. This recent update allows Redis persistence or export features to generate RDB or AOF files that are encrypted at rest using a customer-managed key, assuring compliance and top-notch security.

Enhanced Security and Compliance with Customer Managed Keys

Customer Managed Keys (CMK) empower users with control over their data encryption, ensuring compliance with their organization's specific security requirements. With this new functionality, Azure Key Vault can securely store keys, while user-assigned managed identities streamline authorization. However, when deploying a new Azure Databricks workspace with encryption using a CMK sourced from a Key Vault in a separate Azure subscription, users may encounter an issue during the 'terraform apply' process due to the AzureRM provider's inability to access the key from the other subscription.

Troubleshooting and Solutions

When faced with the aforementioned issue, properly configuring provider references to both azurerm\_key\_vault and azurerm\_key\_vault\_key data sources can potentially resolve the problem. By taking the time to correctly set up these references, users can ensure a smooth deployment of their Azure Databricks workspace with encryption using a Customer Managed Key from a different Azure subscription.

In conclusion, with the inclusion of Customer Managed Keys for encryption in Azure's Enterprise and Enterprise Flash tier caches, users can now benefit from enhanced data security and control. By addressing the potential issue with the AzureRM provider during deployment, users can harness the full potential of this new feature and enjoy the benefits of secure, compliant key management.

