title | description | author | ms.author | ms.topic | ms.service | ms.subservice | ms.date | ms.reviewer | ms.custom | ms.devlang |
---|---|---|---|---|---|---|---|---|---|---|
Creating and configuring a key vault for Azure Disk Encryption |
This article provides steps for creating and configuring a key vault for use with Azure Disk Encryption |
ju-shim |
jushiman |
tutorial |
azure-virtual-machine-scale-sets |
disks |
06/14/2024 |
mimckitt |
mimckitt, devx-track-azurecli, devx-track-azurepowershell |
azurecli |
Azure Disk Encryption uses Azure Key Vault to control and manage disk encryption keys and secrets. For more information about key vaults, see Get started with Azure Key Vault and Secure your key vault.
Creating and configuring a key vault for use with Azure Disk Encryption involves three steps:
- Creating a resource group, if needed.
- Creating a key vault.
- Setting key vault advanced access policies.
You may also, if you wish, generate or import a key encryption key (KEK).
The steps in this article can be completed with the Azure CLI, the Azure PowerShell Az module, or the Azure portal.
[!INCLUDE disk-encryption-key-vault]