Ensure the storage account containing the container with activity logs is encrypted with BYOK (Use Your Own Key)


The storage account with the activity log export container is configured to use BYOK (Use Your Own Key).


Perform the following in the Azure Console:

  1. In right column, Click service Storage Accounts to access Storage account blade
  2. Click on the storage account name
  3. In Section SETTINGS click Encryption . It will show Storage service encryption configuration pane
  4. Check Use your own key which will expand Encryption Key Settings
  5. Use option Enter key URI or Select from Key Vault to set up encryption with your own key

Perform the following in Azure Command Line Interface 2.0:

az storage account update –name <name of the storage account> –resource-group <resource group for a storage account> –encryption-key-source=Microsoft.Keyvault –encryption-key-vault <Key Valut URI> –encryption-key-name <KeyName> –encryption-key-version <Key Version>


Logging and Monitoring





We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!