Power Automate Launches New Customer-Managed Keys Feature
Image Source: Shutterstock.com
Power Automate
May 1, 2024 6:28 AM

Power Automate Launches New Customer-Managed Keys Feature

by HubSite 365 about Microsoft

Software Development Redmond, Washington

Citizen DeveloperPower AutomateM365 Release

Unlock Power Automates Potential with New Customer-Managed Encryption Keys

Key insights




  • General availability of Customer-Managed Encryption Keys (CMK) for Power Automate announced, enabling higher data security in the cloud.
  • CMK allows customers to use their own encryption keys from Azure Key Vault for securing Power Automate data, enhancing control over cloud data.
  • This feature supports new environments without existing flows, with encryption applying to flow definitions and flow run history.
  • Admin-led operation ensures CMK application is seamless for low-code developers, maintaining usability while enhancing security.
  • Option to lock environments, making data encrypted with customer's keys inaccessible to Microsoft services, ensuring complete data privacy.

Enhanced Data Security with Customer-Managed Encryption Keys in Power Automate

Microsoft announces the general availability of a new feature for Power Automate: Customer-Managed Keys (CMK). This feature, following a successful public preview, allows customers to use their own encryption keys to secure their data. It provides an added level of security, particularly beneficial to industries such as Healthcare and Financial Services.

Using CMK, customers can utilize an encryption key from their own Azure Key Vault, enhancing control over cloud data encryption. This key can then be applied across new Power Platform environments through an enterprise policy. The integration ensures that all services supporting CMK leverage the customer's own key for data encryption, thus bolstering data security and privacy.

  • CMK enables customers to bring their own encryption keys for their cloud data.
  • It provides extra protection, especially for highly regulated industries.
  • The implementation is admin-led and does not affect the experience of low-code developers.

Once CMK is applied, both flow definitions and flow run history within Power Automate are encrypted with the customer's keys. This feature supports new environments that currently have no flows; existing flows in an environment will remain encrypted with Microsoft's default keys. Importantly, admins have the option to lock environments, ensuring a total data lockdown.

Encouragement is extended to the Power Automate community for feedback and questions. This new advancement underscores Microsoft's commitment to providing secure and customizable solutions to its user base.

Read the full article New Power Automate Feature: Customer-Managed Keys Launched

Power Automate - Power Automate Launches New Customer-Managed Keys Feature

People also ask

What is the customer-managed key in Azure automation account?

Customer-managed keys offer a way for data to be encrypted using an Azure Key Vault key that you have created and own. This gives you complete control over the lifecycle and management of the key, including tasks like rotation. For additional information, head over to https://aka.ms/automation-cmk.

What is customer-managed keys?

Customer-managed encryption keys are those that you maintain through Cloud KMS, which provides you with enhanced control over the encryption keys used to secure data at rest within certain Google Cloud services. For details on which services are compatible with CMEK keys, refer to the official list of supported services.

What is customer-managed key in app configuration?

With the activation of customer-managed key features, App Configuration leverages a managed identity associated with the App Configuration service to authenticate with Microsoft Entra ID. This managed identity proceeds to communicate with Azure Key Vault, wrapping the encryption key of the App Configuration instance.

What are Microsoft managed keys?

Microsoft-managed keys represent a scenario where Microsoft's online services autonomously generate and manage the root keys necessary for Service Encryption. For customers needing to have control over their root encryption keys, the Service Encryption utilizing Microsoft Purview Customer Key is suggested.



Power Automate Customer-Managed Keys, Customer-Managed Keys Power Automate, Power Automate New Features, Power Automate Security, Enhanced Security Power Automate, Power Automate Encryption, User-Controlled Encryption Power Automate, Power Automate Data Protection