Cloudera Docs

Enabling Customer Managed Keys on Microsoft Azure

You can enhance the security of your Cloudera AI services deployed on Azure by enabling customer-managed keys (CMK). This capability provides data-at-rest encryption for Azure Disk, Kubernetes clusters, and Backup Snapshots.

To configure CMK for your Cloudera AI environment:
  • You must have the Cloudera Environment Admin role.
  • Obtain your CMK from your Azure Key Vault Service.

For information on encrypting resources, see Encrypting Azure resources with customer managed keys, and to add an encryption key to your Cloudera environment, see Adding a customer managed encryption key to a Cloudera environment running on Azure.