AzureDev: Encrypting an Azure VM

Posted on by ray.bishun

Prerequisites

  1. An Azure Subscription
  2. An Azure Key Vault
  3. An Azure Virtual Machine
  4. NOTE #1: Only Standard or higher VMs support disk encryption
  5. NOTE #2: The VM and Key Vault must be in the same region

My Virtual Machine Configuration

  1. Image: Windows Server 2019 Datacenter
  2. Size: Standard B1s (1vcpu, 1GiB memory)
  3. OS disk type: Standard SSD
  4. Cost: $10.42/month

Create a Key

  1. https://portal.azure.com
  2. Key Vaults
  3. Select your Key Vault
  4. Settings\Keys
  5. Generate/Import
  6. Create

Key Created & Enabled

OS Disk Before Encryption

Encrypt Disk using Azure Cloud Shell

  1. https://portal.azure.com
  2. Launch the Azure Cloud Shell
  3. Ensure the environment is set to PowerShell
  4. Execute the commands shown below
  5. Alternatively, run the script from the Git link provided below
  6. NOTE: Encryption requires approximately 15 minutes to complete

OS Disk After Encryption

Git

  1. https://github.com/raybishun/scripts/blob/master/ps/cloud/azure/vm_management/encrypt_vm.ps1

References

  1. https://docs.microsoft.com/en-us/azure/virtual-machines/windows/encrypt-disks

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

Published by ray.bishun

AzureDev: Encrypting an Azure VM

Posted on by ray.bishun

Prerequisites

  1. An Azure Subscription
  2. An Azure Key Vault
  3. An Azure Virtual Machine
  4. NOTE #1: Only Standard or higher VMs support disk encryption
  5. NOTE #2: The VM and Key Vault must be in the same region

My Virtual Machine Configuration

  1. Image: Windows Server 2019 Datacenter
  2. Size: Standard B1s (1vcpu, 1GiB memory)
  3. OS disk type: Standard SSD
  4. Cost: $10.42/month

Create a Key

  1. https://portal.azure.com
  2. Key Vaults
  3. Select your Key Vault
  4. Settings\Keys
  5. Generate/Import
  6. Create

Key Created & Enabled

OS Disk Before Encryption

Encrypt Disk using Azure Cloud Shell

  1. https://portal.azure.com
  2. Launch the Azure Cloud Shell
  3. Ensure the environment is set to PowerShell
  4. Execute the commands shown below
  5. Alternatively, run the script from the Git link provided below
  6. NOTE: Encryption requires approximately 15 minutes to complete

OS Disk After Encryption

Git

  1. https://github.com/raybishun/scripts/blob/master/ps/cloud/azure/vm_management/encrypt_vm.ps1

References

  1. https://docs.microsoft.com/en-us/azure/virtual-machines/windows/encrypt-disks

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

Published by ray.bishun