Microsoft Power Automate customer managed key support now generally available
We are excited to announce the general availability of Microsoft Power Automate customer managed key (CMK) support for environments with flows. Cloud flows will now be automatically protected when customers apply CMK enterprise policy to an environment.
In April this year, we enabled the support for CMK for new environments sans flows. Any new flows created in these new environments were protected with CMK. Going forward, there will be no need to start with a new environment without flows to protect cloud flows.
As customers move more workloads from on-premises to the cloud, some need greater control over their data. With customer managed encryption keys, customers can bring their own encryption keys to secure all their cloud data at rest, to provide them with added control. While all customer data is encrypted using Microsoft-managed encryption keys by default, CMK provides added protection, especially for highly regulated industries such as Healthcare and Financial Services, to protect their cloud assets using their own key.
With CMK, customers leverage an encryption key from their own Azure key vault, which Microsoft does not have access to. Customers can configure an enterprise policy with that encryption key and apply it to any new Power Platform environment. Once this policy is applied, all the services that have support for CMK will be protected using customer’s key. This operation is purely an admin-led operation and is invisible to low code developers and other makers who continue to use the service exactly the way they do today.
The experience to apply CMK enterprise policy will now automatically protect any cloud flows in the environment by migrating the flows to CMK protected infrastructure. You can learn more about this capability and tools to help you assess readiness here. Once CMK is applied, flow definitions, flow actions and their inputs and outputs, and flow run history are protected using the customer’s encryption keys.
Read more about Power Automate managed key support in our documentation here. Please feel free to provide your questions and feedback in the Power Automate Community.
Happy automating!
