AzureDev: Encrypting an Azure VM

Prerequisites

  1. An Azure Subscription
  2. An Azure Key Vault
  3. An Azure Virtual Machine
  4. NOTE #1: Only Standard or higher VMs support disk encryption
  5. NOTE #2: The VM and Key Vault must be in the same region

My Virtual Machine Configuration

  1. Image: Windows Server 2019 Datacenter
  2. Size: Standard B1s (1vcpu, 1GiB memory)
  3. OS disk type: Standard SSD
  4. Cost: $10.42/month

Create a Key

  1. https://portal.azure.com
  2. Key Vaults
  3. Select your Key Vault
  4. Settings\Keys
  5. Generate/Import
  6. Create

Key Created & Enabled

OS Disk Before Encryption

Encrypt Disk using Azure Cloud Shell

  1. https://portal.azure.com
  2. Launch the Azure Cloud Shell
  3. Ensure the environment is set to PowerShell
  4. Execute the commands shown below
  5. Alternatively, run the script from the Git link provided below
  6. NOTE: Encryption requires approximately 15 minutes to complete

OS Disk After Encryption

Git

  1. https://github.com/raybishun/scripts/blob/master/ps/cloud/azure/vm_management/encrypt_vm.ps1

References

  1. https://docs.microsoft.com/en-us/azure/virtual-machines/windows/encrypt-disks

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

AzureDev: Encrypting an Azure VM

Prerequisites

  1. An Azure Subscription
  2. An Azure Key Vault
  3. An Azure Virtual Machine
  4. NOTE #1: Only Standard or higher VMs support disk encryption
  5. NOTE #2: The VM and Key Vault must be in the same region

My Virtual Machine Configuration

  1. Image: Windows Server 2019 Datacenter
  2. Size: Standard B1s (1vcpu, 1GiB memory)
  3. OS disk type: Standard SSD
  4. Cost: $10.42/month

Create a Key

  1. https://portal.azure.com
  2. Key Vaults
  3. Select your Key Vault
  4. Settings\Keys
  5. Generate/Import
  6. Create

Key Created & Enabled

OS Disk Before Encryption

Encrypt Disk using Azure Cloud Shell

  1. https://portal.azure.com
  2. Launch the Azure Cloud Shell
  3. Ensure the environment is set to PowerShell
  4. Execute the commands shown below
  5. Alternatively, run the script from the Git link provided below
  6. NOTE: Encryption requires approximately 15 minutes to complete

OS Disk After Encryption

Git

  1. https://github.com/raybishun/scripts/blob/master/ps/cloud/azure/vm_management/encrypt_vm.ps1

References

  1. https://docs.microsoft.com/en-us/azure/virtual-machines/windows/encrypt-disks

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s