Azure Storage Encryption
E937636
Azure Storage Encryption is a Microsoft Azure feature that automatically encrypts data at rest in storage accounts using managed or customer-managed keys to enhance data security and compliance.
All labels observed (1)
| Label | Occurrences |
|---|---|
| Azure Storage Encryption canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T11655788 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: Azure Storage Encryption Context triple: [Azure Key Vault, integratesWith, Azure Storage Encryption]
-
A.
Azure Storage
Azure Storage is Microsoft’s cloud-based storage service that provides scalable, durable, and secure storage for unstructured and structured data, including blobs, files, queues, and tables.
-
B.
Azure Key Vault
Azure Key Vault is a Microsoft Azure cloud service that securely stores and manages cryptographic keys, secrets, and certificates for protecting applications and data.
-
C.
Azure Blob Storage
Azure Blob Storage is a cloud-based object storage service for storing and managing large amounts of unstructured data such as text and binary files.
-
D.
Azure Information Protection
Azure Information Protection is a Microsoft cloud-based solution that classifies, labels, and protects sensitive documents and emails through encryption and rights management across organizations.
-
E.
Azure Data Lake Storage
Azure Data Lake Storage is a scalable, secure cloud-based data lake service from Microsoft designed for big data analytics and enterprise data warehousing workloads.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: Azure Storage Encryption Target entity description: Azure Storage Encryption is a Microsoft Azure feature that automatically encrypts data at rest in storage accounts using managed or customer-managed keys to enhance data security and compliance.
-
A.
Azure Storage
Azure Storage is Microsoft’s cloud-based storage service that provides scalable, durable, and secure storage for unstructured and structured data, including blobs, files, queues, and tables.
-
B.
Azure Key Vault
Azure Key Vault is a Microsoft Azure cloud service that securely stores and manages cryptographic keys, secrets, and certificates for protecting applications and data.
-
C.
Azure Blob Storage
Azure Blob Storage is a cloud-based object storage service for storing and managing large amounts of unstructured data such as text and binary files.
-
D.
Azure Information Protection
Azure Information Protection is a Microsoft cloud-based solution that classifies, labels, and protects sensitive documents and emails through encryption and rights management across organizations.
-
E.
Azure Data Lake Storage
Azure Data Lake Storage is a scalable, secure cloud-based data lake service from Microsoft designed for big data analytics and enterprise data warehousing workloads.
- F. None of above. chosen
Statements (47)
| Predicate | Object |
|---|---|
| instanceOf |
Azure Storage feature
ⓘ
cloud security feature ⓘ |
| aimsTo |
enhance data security
ⓘ
support regulatory compliance ⓘ |
| allows |
revocation of customer-managed keys
ⓘ
rotation of customer-managed keys ⓘ |
| appliesTo | Azure Storage accounts NERFINISHED ⓘ |
| defaultState | enabled by default for new storage accounts ⓘ |
| developedBy | Microsoft ⓘ |
| doesNotRequire | application code changes for basic use ⓘ |
| encrypts |
Azure Blob Storage data
ⓘ
Azure Files data ⓘ Azure Queue Storage data ⓘ Azure Table Storage data ⓘ managed disks data when used with Storage ⓘ |
| enforces | server-side encryption ⓘ |
| isRecommendedFor | all production Azure Storage workloads ⓘ |
| isTransparentTo | applications ⓘ |
| partOf |
Azure Storage
NERFINISHED
ⓘ
Microsoft Azure NERFINISHED ⓘ |
| protects | data at rest ⓘ |
| protectsAgainst | unauthorized access to data at rest ⓘ |
| provides | encryption at rest ⓘ |
| regionAvailability | all Azure public regions ⓘ |
| scope |
all data in a storage account
ⓘ
data in transit between storage service and disk ⓘ |
| supports |
Azure CLI configuration
ⓘ
Azure China regions NERFINISHED ⓘ Azure Government regions NERFINISHED ⓘ Azure Resource Manager templates configuration ⓘ Microsoft-managed keys ⓘ Portal-based configuration ⓘ PowerShell configuration ⓘ customer-managed keys ⓘ encryption for both HDD and SSD-backed storage ⓘ encryption for both standard and premium storage tiers ⓘ encryption of both data and metadata ⓘ encryption of data in all redundancy options ⓘ geo-redundant storage encryption ⓘ per-tenant key management via Key Vault ⓘ |
| supportsComplianceWith |
industry regulations
ⓘ
organizational security policies ⓘ |
| uses |
AES-256 encryption
ⓘ
Azure Key Vault NERFINISHED ⓘ Azure Key Vault Managed HSM NERFINISHED ⓘ data encryption keys protected by key-encryption keys ⓘ per-service encryption keys within a storage account ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: Azure Storage Encryption Description of subject: Azure Storage Encryption is a Microsoft Azure feature that automatically encrypts data at rest in storage accounts using managed or customer-managed keys to enhance data security and compliance.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.