When working with Microsoft Azure, Entrust recommends the following:

• If your corporate Azure subscription is shared among multiple users, we recommend you use the Azure Resource Manager to lock the Cryptographic Security Platform Vault resources in the resource group so that they are not accidentally deleted.
• If you deploy multiple Cryptographic Security Platform Compliance Manager nodes in Azure to create your Cryptographic Security Platform Vault cluster, we recommend that the nodes be in different regions and resource groups to provide high availability.
• If you need to move a Cryptographic Security Platform Compliance Manager node to another region, we recommend that you deploy a new Cryptographic Security Platform Compliance Manager node in the new region, add that node to the existing cluster, and then delete the old Cryptographic Security Platform Compliance Manager node.