AzureConfigEncryption

Stay organized with collections Save and categorize content based on your preferences.

Configuration related to config data encryption.

Azure VM bootstrap secret is envelope encrypted with the provided key vault key.

JSON representation
{
  "keyId": string,
  "publicKey": string
}
Fields
keyId

string

Required. The ARM ID of the Azure Key Vault key to encrypt / decrypt config data.

For example: /subscriptions/<subscription-id>/resourceGroups/<resource-group-id>/providers/Microsoft.KeyVault/vaults/<key-vault-id>/keys/<key-name>

publicKey

string

Optional. RSA key of the Azure Key Vault public key to use for encrypting the data.

This key must be formatted as a PEM-encoded SubjectPublicKeyInfo (RFC 5280) in ASN.1 DER form. The string must be comprised of a single PEM block of type "PUBLIC KEY".