Database Client Encryption Key Limit #3867
Unanswered
aperiooculus
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
I've recently encountered an issue around Cosmos Client Encryption Keys where I have reached the limit on a single database.
Background:
I'm implementing an encryption service that rotates the client data encryption keys (DEK). The method of rotating the keys involves creating a new container along with a new DEK, then copying the records to the new container.
In my testing I encountered a 403 response when calling Database.CreateClientEncryptionKeyAsync to create a new DEK, indicating - I believe - that the database is at max capacity for DEKs. I haven't yet found a means to remove the keys, and therein lies my challenge.
Question
Is there a way to remove a DEK from Cosmos Database? Or perhaps some other means of overcoming the limit that doesn't involve creating a new database?
I appreciate any and all help on this topic!
Beta Was this translation helpful? Give feedback.
All reactions