VM Encryption in Azure

Using BitLocker to encrypt storage in a VM

  • Marketplace – Key Vault
  • Create a new Key Vault
  • A Key Vault can contain any of:
    • Keys
    • Secrets
    • Certificates
  • The Key Vault, VMs, etc. should be in the same region.
  • New in 2020: create a Disk Encryption Set and add the key. All of these should be in the same region.
  • While creating the VM, attach the disk with a customer-managed key and select the Disk Encryption Set created in the previous step. The VM should be in the same region too, otherwise you won't see that Disk Encryption Set.

Src: https://docs.microsoft.com/en-in/azure/virtual-machines/linux/disk-encryption
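
The same-region requirement in the steps above can be checked after the fact. The following is an added example, not part of the original post: a small audit over resource records that flags a region mismatch and, going slightly beyond the post, also checks that the Disk Encryption Set's key lives in the expected Key Vault and that every VM disk references the set. The field names are assumed to follow the JSON returned by `az keyvault show`, `az disk-encryption-set show` and `az vm show`; all names and IDs in the sample are constructed placeholders.

```python
def _region(resource):
    # Azure reports "eastus" or "East US" depending on the API; normalise both.
    return resource["location"].replace(" ", "").lower()

def _disk_des_ids(vm):
    """(disk name, lower-cased disk encryption set ID or '') for each VM disk."""
    profile = vm["storageProfile"]
    for disk in [profile["osDisk"]] + profile.get("dataDisks", []):
        des = (disk.get("managedDisk") or {}).get("diskEncryptionSet") or {}
        yield disk["name"], (des.get("id") or "").lower()

def audit(vault, des, vm):
    """Return findings; an empty list means vault, set and VM line up."""
    findings = []
    regions = sorted({_region(vault), _region(des), _region(vm)})
    if len(regions) > 1:
        findings.append("region mismatch: " + ", ".join(regions))
    vault_uri = vault["properties"]["vaultUri"].lower()
    if not des["activeKey"]["keyUrl"].lower().startswith(vault_uri):
        findings.append("disk encryption set key is not in the expected vault")
    for name, des_id in _disk_des_ids(vm):
        # Resource IDs are case-insensitive, so compare lower-cased.
        if des_id != des["id"].lower():
            findings.append("disk %s does not use the disk encryption set" % name)
    return findings

# Constructed sample records (placeholder names and IDs), keeping only the
# fields used above from the JSON that `az ... show` returns (assumed shape).
DES_ID = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/"
          "rg-example/providers/Microsoft.Compute/diskEncryptionSets/des-example")
VAULT = {"location": "eastus",
         "properties": {"vaultUri": "https://kv-example.vault.azure.net/"}}
DES = {"id": DES_ID, "location": "eastus", "activeKey": {
    "keyUrl": "https://kv-example.vault.azure.net/keys/disk-key/placeholder-version"}}
VM = {"location": "East US", "storageProfile": {
    "osDisk": {"name": "os", "managedDisk": {"diskEncryptionSet": {"id": DES_ID.upper()}}},
    "dataDisks": [{"name": "data0", "managedDisk": {"storageAccountType": "Premium_LRS"}}]}}

if __name__ == "__main__":
    for finding in audit(VAULT, DES, VM) or ["no findings"]:
        print(finding)
```

In the sample, the data disk was attached without the Disk Encryption Set, so it is the only finding reported.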
