Migrate Security Resources
This article has information that you may find helpful as you migrate Azure security resources across Azure regions.
Some features of Azure Key Vault can’t be migrated across Azure regions.
You can’t migrate encryption keys. Create new keys in the target region, and then use the keys to protect the target resource (for example, Azure Storage or Azure SQL Database). Securely migrate the data from the old region to the new region.
Application secrets are certificates, storage account keys, and other application-related secrets. During a migration, first create a new key vault in the target Azure region. Then, complete one of the following actions:
- Create new application secrets.
- Read the current secrets in the source Azure region, and then enter the value in the new vault.
Get-AzureKeyVaultSecret -vaultname mysecrets -name Deploydefaultpw
For more information:
- Refresh your knowledge by completing the Key Vault tutorials.
- Review the Key Vault overview.
- Review the Key Vault PowerShell cmdlets.
See Application Gateway chapter of Migrate Network Resources.
See VPN Gateway chapter of Migrate Network Resources.
Azure Active Directory
Azure AD function has no regional properties and no migration is required.
Azure Information Protection
Azure Information Protection function has no regional properties and no migration is required.
Security Center function has no regional properties and no migration is required.