For now you need to ignore the recommendation from the tool, since there is no way to encrypt master. The risk is of course than an IT auditor with poor understanding of Azure will insist on that master should be encrypted. In that case, you need to show the documentation right in the face of the auditor.

Note also what that excerpt says: You should absolutely not put any sensitive information in master. (Although, you may store the name of logins there, and that could be considered sensitive PII.)

If there would be a big push in general from auditors, I guess Microsoft will come up with something.

For now you need to ignore the recommendation from the tool, since there is no way to encrypt master. The risk is of course than an IT auditor with poor understanding of Azure will insist on that master should be encrypted. In that case, you need to show the documentation right in the face of the auditor.

Note also what that excerpt says: You should absolutely not put any sensitive information in master. (Although, you may store the name of logins there, and that could be considered sensitive PII.)

If there would be a big push in general from auditors, I guess Microsoft will come up with something.