Generally available: Encrypt managed disks with cross-tenant customer-managed keys
Published date: November 14, 2022
Encrypting managed disks with cross-tenant customer-managed keys (CMK) enables you to encrypt managed disks with customer-managed keys using Azure Key Vault hosted in a different Azure Active Directory (AD) tenant.
Many service providers building Software as a Service (SaaS) offerings on Azure want to give their customers the option of managing their own encryption keys. Customers of service providers can now use cross-tenant customer-managed keys to manage encryption keys in their own Azure AD tenant and subscription using Azure Key Vault. As a result, they will have complete control of their customer-managed keys and their data.