From 37288df8a51c0a50d63c99f6e9febe264067c7e6 Mon Sep 17 00:00:00 2001 From: Fi Quick <47183728+fiquick@users.noreply.github.com> Date: Thu, 30 Oct 2025 10:25:14 +0000 Subject: [PATCH 1/3] region requirements --- modules/ROOT/pages/security/encryption.adoc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/ROOT/pages/security/encryption.adoc b/modules/ROOT/pages/security/encryption.adoc index d1b6decbb..1afed37f5 100644 --- a/modules/ROOT/pages/security/encryption.adoc +++ b/modules/ROOT/pages/security/encryption.adoc @@ -85,6 +85,11 @@ When using a Customer Managed Key within Aura to encrypt one or more Aura databa If you no longer need to use this Customer Managed Key to encrypt Aura databases, first delete the Aura database instances that are encrypted with the key, then you can remove the key from Aura. Keep in mind that this process only breaks the link between the key and Aura - it does not delete the actual key from the Cloud KMS. +== Region requirements + +The Customer Managed Key must be created in the same region as your Aura instance. This applies to AWS, Azure, and GCP. +For Azure, both the key vault and the Customer Managed Key must be in the same region as the Aura instance. + == AWS keys === Create an AWS key From 4b4b0d4d052e6c5953ada22e11ba7e9d0ce29a44 Mon Sep 17 00:00:00 2001 From: Fi Quick <47183728+fiquick@users.noreply.github.com> Date: Fri, 12 Dec 2025 11:45:02 +0000 Subject: [PATCH 2/3] Update modules/ROOT/pages/security/encryption.adoc Co-authored-by: Jessica Wright <49636617+AlexicaWright@users.noreply.github.com> --- modules/ROOT/pages/security/encryption.adoc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/ROOT/pages/security/encryption.adoc b/modules/ROOT/pages/security/encryption.adoc index 1afed37f5..21ab2633c 100644 --- a/modules/ROOT/pages/security/encryption.adoc +++ b/modules/ROOT/pages/security/encryption.adoc @@ -87,7 +87,8 @@ Keep in mind that this process only breaks the link between the key and Aura - i == Region requirements -The Customer Managed Key must be created in the same region as your Aura instance. This applies to AWS, Azure, and GCP. +The Customer Managed Key must be created in the same region as your Aura instance. +This applies to AWS, Azure, and GCP. For Azure, both the key vault and the Customer Managed Key must be in the same region as the Aura instance. == AWS keys From da415025178302ae79f954ca7f2d5e96698e9b5a Mon Sep 17 00:00:00 2001 From: Fi Quick <47183728+fiquick@users.noreply.github.com> Date: Fri, 12 Dec 2025 11:52:12 +0000 Subject: [PATCH 3/3] update --- modules/ROOT/pages/security/encryption.adoc | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/ROOT/pages/security/encryption.adoc b/modules/ROOT/pages/security/encryption.adoc index 517e670a6..007760100 100644 --- a/modules/ROOT/pages/security/encryption.adoc +++ b/modules/ROOT/pages/security/encryption.adoc @@ -88,7 +88,6 @@ Keep in mind that this process only breaks the link between the key and Aura - i The Customer Managed Key must be created in the same region as your Aura instance. This applies to AWS, Azure, and GCP. -For Azure, both the key vault and the Customer Managed Key must be in the same region as the Aura instance. == AWS keys