acr icon indicating copy to clipboard operation
acr copied to clipboard
verified publisher icon Azure

CMK migration of existing registries

Open SteveLasker opened this issue 5 years ago • 3 comments

Customer Managed Keys (CMK) enables double encryption of content using customer provided keys, managed in Azure Keyvault. CMK is currently GA for newly configured registries. CMK conversion of existing registries are underway as we recognize that customers want/need CMK of registries they've already configured and secured.

Converting a registry to double-encrypted involves re-encrypting all content in the registry, while tracking the progress, and not having scheduled down-time. This extra work, to assure the registry is never offline, even for push operations is being completed.

SteveLasker avatar Jun 23 '20 17:06 SteveLasker

@SteveLasker what is the timeline on this feature? Will this also make it possible to use a system identity from the start?

aristosvo avatar Aug 25 '21 18:08 aristosvo

@mangalorereshmi, can you help?

SteveLasker avatar Aug 25 '21 19:08 SteveLasker

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.

github-actions[bot] avatar Jan 04 '24 01:01 github-actions[bot]