Customer-managed keys for Azure NetApp Files volume encryption (CMK) provides the key manageability for additional security. With this capability,you can increase security of your encryption keys by taking direct ownership of managing key rotation, access, permissions and auditing tasks. You can encrypt and decrypt your data stored in Azure NetApp Files using your own secured key for maximum control/management of key access.
Secure key management: The keys are generated and managed by the customer organization. This provides additional security layer by reducing the risk of unauthorized key access. This provides protection against insider threats and unauthorized data access.
Regulatory/compliance: Several entities have strict regulations for data protection. CMK helps comply with various requirements and provide ability to track key management for regulatory purposes.
Performance: There is no performance impact when using CMK. It simply protects the account encryption key using the Azure Key Vault.
This feature is now GA in these regions and we will be rolling out to other regions.