![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 84%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAV%3C/text%3E%3C/svg%3E)
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,156 questions
Hi Aditya,
A transaction is any successful authenticated REST API call to the vault. Some examples (incomplete list) are create, delete, wrap, unwrap, list, get, encrypt, decrypt.
Off the top of my head I can't think of any specific limitations related to disk encryption sets and key vaults other than they need to have access to the vault. If you have specific concern about them please add a comment below.
A single key vault should be able to handle a significant number of VMs using Customer Managed Keys for their disk encryption.
What you can do is monitor the metrics on the vault and see how many requests are coming in as well as average latency as you increase the number of VMs. Most common "burst" is when a VM is Started there will be some transactions against the key vault from storage.
Please click Accept Answer if the above was useful.
Thanks.
-TP