Unable to create an index synonym map in Azure Cognitive Search with Customer managed encryption key option

0 votes

1

I am trying to create an index/synonym map with encryption using "Customer" managed key option however I am not able to do so.

I am constantly getting the following error back from the service:

Failed to verify account key (HTTP Status Code: 403).

Here's what my request body for synonym map looks like:

{
    "name":"test",
    "format":"solr",
    "synonyms":"",
    "encryptionKey":
    {
        "keyVaultKeyName":"AzSearchKey2",
        "keyVaultKeyVersion":"02cc721e41654f079c173744313f24b0",
        "keyVaultUri":"https://azure.microsoft.com/en-us/products/key-vault"
    }
}
Mar 2, 2022 in Azure by Edureka
• 13,620 points
547 views

1 answer to this question.

0 votes
Following up with Gaurav confidentially, we determined that it was due to the key retention duration being too short (7 days retention instead of 90 days). We recently changed the product code to accommodate lower retention periods (down to 7 days), and the fix will be sent out globally in the coming weeks. Meanwhile, if you have the same problem, please change your key retention policy to 90 days. This incorrect condition can be identified if you receive the following notice from Azure Search when constructing an encrypted index or synonym map:

DataPlaneApiException: Could not wrap/unwrap the encryption key using the key vault key (YOUR KEY URL). The degree of key vault key deletion-recovery is inadequate. Soft-Delete and Purge Protection on Key vault must be activated, as described here: https://aka.ms/key-vault-soft-delete.
answered Mar 2, 2022 by Edureka
• 12,690 points

Related Questions In Azure

0 votes
0 answers

Best way to keep Azure Postgres in sync with Azure SQL

For the use of pretty much everything, ...READ MORE

Feb 14, 2023 in Azure by Damonlang
• 1,230 points
463 views
0 votes
1 answer

Can I create virtual machine without virtual network in Azure Resource Manager?

A VNet is used to provide the ...READ MORE

answered Mar 4, 2022 in Azure by Edureka
• 13,620 points
2,186 views
0 votes
1 answer
0 votes
1 answer

enable azure search synonyms

The '@' in the synonymmap definition designates ...READ MORE

answered Mar 1, 2022 in Azure by Edureka
• 12,690 points
494 views
0 votes
1 answer

Why is Azure Key Vault secure?

A key vault is a safe place ...READ MORE

answered Mar 1, 2022 in Azure by Edureka
• 12,690 points
629 views
0 votes
1 answer

Power BI and Azure Key vault

Yes, Azure Key Vault is compatible with ...READ MORE

answered Apr 11, 2022 in Azure by Edureka
• 12,690 points
1,917 views
0 votes
1 answer

How to create a service connection for Azure in Azure Devops (with pictures)

to create a service connection for Azure ...READ MORE

answered Mar 29, 2022 in Azure by Edureka
• 12,690 points

edited Jul 4, 2023 by Khan Sarfaraz 8,911 views
0 votes
1 answer

How do I use Powershell to create an Azure Web App that runs on Linux?

Try the command below: New-AzureRmResource -ResourceGroupName <ResourceGroupName> -Location ...READ MORE

answered Mar 25, 2022 in Azure by Edureka
• 12,690 points
1,062 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP