Commit b380c69
Fix compromised TDE protector guidance: rotate before deleting
The remove-tde-protector article previously said 'it's best to delete
the key' when compromise is suspected. This leads to self-inflicted
database outages without revoking any backup copies of the key.
Updated to recommend rotating to a new TDE protector and migrating all
databases before deleting the old key. Added warning that deleting or
disabling a key does not invalidate backup copies restored to other
vaults. Cross-linked to Key Vault backup security considerations.
Related to MSRC Case 113198.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
1 parent ec47d34 commit b380c69
2 files changed
Lines changed: 4 additions & 4 deletions
File tree
- azure-sql/database
Lines changed: 2 additions & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
5 | 5 | | |
6 | 6 | | |
7 | 7 | | |
8 | | - | |
| 8 | + | |
9 | 9 | | |
10 | 10 | | |
11 | 11 | | |
| |||
217 | 217 | | |
218 | 218 | | |
219 | 219 | | |
220 | | - | |
| 220 | + | |
221 | 221 | | |
222 | 222 | | |
223 | 223 | | |
| |||
Lines changed: 2 additions & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
5 | 5 | | |
6 | 6 | | |
7 | 7 | | |
8 | | - | |
| 8 | + | |
9 | 9 | | |
10 | 10 | | |
11 | 11 | | |
| |||
24 | 24 | | |
25 | 25 | | |
26 | 26 | | |
27 | | - | |
| 27 | + | |
28 | 28 | | |
29 | 29 | | |
30 | 30 | | |
| |||