Mandatory Azure Key Vault Purge Protection for TDE BYOK in Azure SQL DB and Managed Instance
As of April 2022, soft-delete and purge protection will be required to be enabled in Azure SQL on a key vault when configuring Transparent Data Encryption (TDE) with Customer Managed Key (CMK) on the server or managed instance.