Database Client Encryption Key Limit #3867
Unanswered
aperiooculus
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I've recently encountered an issue around Cosmos Client Encryption Keys where I have reached the limit on a single database.
Background:
I'm implementing an encryption service that rotates the client data encryption keys (DEK). The method of rotating the keys involves creating a new container along with a new DEK, then copying the records to the new container.
In my testing I encountered a 403 response when calling Database.CreateClientEncryptionKeyAsync to create a new DEK, indicating - I believe - that the database is at max capacity for DEKs. I haven't yet found a means to remove the keys, and therein lies my challenge.
Question
Is there a way to remove a DEK from Cosmos Database? Or perhaps some other means of overcoming the limit that doesn't involve creating a new database?
I appreciate any and all help on this topic!
Beta Was this translation helpful? Give feedback.
All reactions