I have a Go application that creates a disk encryption set in tenant A, on Azure. It uses an Azure CMK created by the customer in tenant B.
I need to know the location of the key. I only have access to the key, and not the key vault in the customer's tenant.
The key URL does not include the location. The URL looks like: https://<vault_name>.vault.azure.net/keys/<key_name>/<version>
I couldn't find an API to do this in the SDK.
The only way I can think of to do this is to force a failure by having the disk and key in different locations, then parsing the error message for the key's location. Below is an example of the error message:
    {
      "code": "DeploymentFailed",
      "message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.",
      "details": [
        {
          "code": "Conflict",
          "message": "{\r\n \"error\": {\r\n \"code\": \"KeyVaultAndDiskInDifferentRegions\",\r\n \"message\": \"The key vault 'customer-key-vault' is located in region 'japanwest'. Key vault must be located in the same region 'eastus' as the disk and disk encryption set.\"\r\n }\r\n}"
        }
      ]
    }
Needless to say, this sucks. Is there any other possibility?
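
The parsing step of the workaround described in the question, as an added example that is not part of the original post: the detail message is a JSON document nested inside a JSON string, so it is decoded twice before the region is extracted. The names `armError` and `KeyVaultRegion` are hypothetical, and the regular expression assumes the message wording shown above, which is not a documented contract.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"regexp"
)

// armError mirrors the error envelope shown in the question (hypothetical type name).
type armError struct {
	Code    string     `json:"code"`
	Message string     `json:"message"`
	Details []armError `json:"details"`
}

// Assumption: the wording matches the message quoted in the question.
// A non-match is reported as an error rather than guessed at.
var regionRe = regexp.MustCompile(`key vault '([^']+)' is located in region '([^']+)'`)

// Sample input: the error body from the question, top-level message omitted.
const sample = `{"code": "DeploymentFailed", "details": [{"code": "Conflict",
 "message": "{\r\n \"error\": {\r\n \"code\": \"KeyVaultAndDiskInDifferentRegions\",\r\n \"message\": \"The key vault 'customer-key-vault' is located in region 'japanwest'. Key vault must be located in the same region 'eastus' as the disk and disk encryption set.\"\r\n }\r\n}"}]}`

// KeyVaultRegion returns the vault name and region reported by a
// KeyVaultAndDiskInDifferentRegions conflict inside a deployment error.
func KeyVaultRegion(raw []byte) (string, string, error) {
	var top armError
	if err := json.Unmarshal(raw, &top); err != nil {
		return "", "", fmt.Errorf("decode deployment error: %w", err)
	}
	for _, d := range top.Details {
		// Each detail message may itself be a JSON document: {"error": {...}}.
		var inner struct {
			Error armError `json:"error"`
		}
		if json.Unmarshal([]byte(d.Message), &inner) != nil ||
			inner.Error.Code != "KeyVaultAndDiskInDifferentRegions" {
			continue // plain-text detail or an unrelated failure
		}
		if m := regionRe.FindStringSubmatch(inner.Error.Message); m != nil {
			return m[1], m[2], nil
		}
	}
	return "", "", errors.New("no KeyVaultAndDiskInDifferentRegions detail found")
}

func main() {
	fmt.Println(KeyVaultRegion([]byte(sample)))
}
```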