Azure availability zones
Availability zones are unique physical locations within the same Azure region.
Azure availability zones can protect an Azure Data Explorer cluster and data from partial region failure.
Deploying a new cluster to different availability zones means the underlying compute and storage components are deployed to different zones in the region with independent power, cooling and networking. In a case of a zonal downtime the cluster will continue to work, but it might have performance degradation until the failure will be resolved.
In addition, you can use zonal services which means allowing to pin an Azure Data Explorer cluster to the same zone as other Azure resources that are used in conjunction with that cluster.
Deployment to various or specific availability zones can be done only during cluster creation and it cannot be modified later.
For more details on enabling availability zones on Azure Data Explorer please read - https://docs.microsoft.com/en-us/azure/data-explorer/create-cluster-database-portal
Azure Disk Encryption
Azure Data Explorer now supports encryption at REST.
Encryption at REST provides protection to the data and OS stored on the Disk and SSD.
Enabling disk encryption can be performed on an existing cluster that either contains or does not contain data.
All data hosted will be encrypted and after that encryption will take place when new data is persisted.
For more details on Azure Disk Encryption please read – https://docs.microsoft.com/en-us/azure/security/fundamentals/encryption-atrest
For more details on enabling disk encryption on Azure Data Explorer please read - https://docs.microsoft.com/en-us/azure/data-explorer/manage-cluster-security
Microsoft
