We're investigating migrating from a physical on-premise server to an Azure VM.
Last week, a Windows Update on our physical server corrupted the privileges on the
C:\ProgramData\Microsoft\Crypto directory. This prevented the server from serving our SSL web sites, and also prevented us accessing it using remote desktop connection. We were locked out of the server and had no way of accessing it.
The corruption was confirmed by our hosting company, who then accessed the server and restored the above folders from backup. This fixed the problem.
Obviously customers can only access VM's via RDC and Bastion, but those require cryptography to function.
The question is within an Azure VM, would Microsoft have been able to access the machine to achieve the same solution in the event of us opening a support ticket?