New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Only encrypting OS disk for Windows #37795
Comments
@karlochacon Can you please provide us with the URL of the Azure Doc that you are having issues with? We look forward to your reply. |
sorry I forgot tried and tried specifying All and Data and same issue thanks |
any update guys did it work for you or not? thanks |
@karlochacon For more information, How to Enable disk encryption on Data disk One thing to check first: After attaching a new data disk, there are some steps that need to be taken to initialize the disk inside of Windows before it can be encrypted. Has this been done? If not, some steps on how to do this are available here: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/attach-managed-disk-portal#initialize-a-new-data-disk $rgName = "Storage-Resources" Register-AzResourceProvider -ProviderNamespace "Microsoft.KeyVault" $keyVaultName = "diskk****ubm" #Install-Module -Name Az.KeyVault #Import-module -Name Az.KeyVault -RequiredVersion 1.0.1 #Install-Module -Name Az.KeyVault -RequiredVersion 1.0.1 #Install-Module -Name Az.KeyVault -RequiredVersion 0.7.0 Add-AzKeyVaultKey -VaultName 'diskkeyessubm' -Name 'tsteys' -Destination 'Software' $sequenceVersion = [Guid]::NewGuid(); $keyVault = Get-AzKeyVault -VaultName $keyVaultName -ResourceGroupName $rgName; Set-AzVMDiskEncryptionExtension -ResourceGroupName $rgName Restart the VM and wait for a 5-10 Minutes, I was able to encrypt the 2 attached disk at same time, by above mentioned script. Get-AzVmDiskEncryptionStatus -ResourceGroupName $rgName -VMName "filesync" |
thanks a lot I will take a look then, I think the disk was just added from azure but not formatted using Windows NTFS or any other |
@karlochacon We will now proceed to close this thread. If there are further questions regarding this matter, please tag me in your reply. We will gladly continue the discussion and we will reopen the issue. |
hi
I am running this script from your site but for Windows Server (I was testing windows 2012 R2) only OS disk gets encrypted and Data it won't I tried setting Data after having OS disk encrypted but same issue any idea?
$RGName = "RG"
$VMName = "vm02"
$VaultName= "vaultkey-1111"
$KeyVault = Get-AzKeyVault -VaultName $VaultName -ResourceGroupName $RGName
$DiskEncryptionKeyVaultUrl = $KeyVault.VaultUri
$KeyVaultResourceId = $KeyVault.ResourceId
$VolumeType = "All"
Set-AzVMDiskEncryptionExtension -ResourceGroupName $RGName -VMName $VMName -DiskEncryptionKeyVaultUrl $DiskEncryptionKeyVaultUrl -DiskEncryptionKeyVaultId $KeyVaultResourceId -VolumeType $VolumeType
thanks
The text was updated successfully, but these errors were encountered: