"code":"NotSupported","message":"Azure Disk Encryption extension version '1.1 ' without AAD client/secret is not supported on VMs previously encrypted with AAD client/secret."
I am getting this error when I try to enable disk encryption in my Azure VM - I checked the other thread which answer this but it is not solving the problem. This is the first time ADE is being enabled on this VM and I am not aware if this was encrypted…
Create CMK encryption for azure disk, with private endpoint for azure key vault
For the azure disks, when we enabling CMK encryption , we create a azure disk encryption set and associate it the key generated from key vault and this is working fine. now the azure VM starts with CMK encryption and works fine. Our requirement is…
How to leverage Azure Encryption for MYSQL DB
Hi Team, We have explicitly encrypted some PII Data at our MySQL DB. This is causing some issues while connecting to our Database and populate it else where with decryption needed always. Is there a way we can leverage this to the Azure MySQL where i…
Migrate Platform Managed Keys to Customer Managed keys
Hi, We have several windows and linux azure VMs with disk encyrption being Platform managed keys. Around 100 disks How to collectively migrate those disks from Platform Managed Keys to Customer Managed Keys. We plan to store those CMK keys in…
I am trying to encrypt disks in my Azure Linux VM(CentOS 7) with some critical data, how can I do it?
I am trying to encrypt disks in my Azure Linux VM(CentOS 7) with some critical data, how can I do it?
Key auto-rotation not compatible with Azure Disk Encryption
Hi all, on https://learn.microsoft.com/en-us/azure/virtual-machines/windows/disk-encryption-key-vault?tabs=azure-portal#azure-disk-encryption-and-auto-rotation it is said that: Although Azure Key Vault now has key auto-rotation, it…
Logging for for storage account customer managed key rotation
I followed this guide https://learn.microsoft.com/en-us/azure/storage/common/customer-managed-keys-overview to setup CMK. I can see from storage account properties and change analysis tool that new key version was automatically configured. I could not…
Communication between VM OS disk and Compute is unencrypted?
Hi. I am trying to fix one of Azure Security recommendations "Virtual machines should encrypt temp disks, caches, and data flows between Compute and Storage resources". This recommendation gets triggered on VM that does not have not temp disk…
PMK / CMK keys
I know when you create a CMK for vm encryption you create a KV that a DES policy will pull from. Thus, if I spin up / deploy 1,000 vm's that a particular DES, all 1,000 will have they same encryption key. I know you can create multiple KV/DES…
Not able to encrypt for OS disk in the VM
I have navigated to VM--> Disks--> Additional settings --> I have chosen OS disk and also chosen respective Key vault and key--> after saving it is giving below error. Please suggest
Azure Encryption at host
I have configured Encryption (SSE with CMK) on Azure disk. Now I'm getting a Microsoft defender recommendation, saying that "Virtual machines and virtual machine scale sets should have encryption at host enabled" How to enable encryption at…
Azure Disk Encryption for SF - Performance, Downtime, Key Vault Authentication & Request Rate
Hi team, We're trying to enable the Azure Disk encryption extension for our SF clusters. I've few doubts if you could answer- Will there be any performance impact after these changes on the compute and boot time? Will there be any…
Can a managed disk with server-side encryption using platform managed keys be exported and imported to a VM on a different tenant. Or, are PMKs tenant specific?
Hi, Just looking at pros and cons of server-side encryption using platform managed keys. Specifically, I'm trying to confirm whether disks that are encrypted with SSE using PMKs can be decrypted in ANY Azure tenant, e.g.. if SSE encrypted disk is…
Resizing Root Encrypted Azure linux VM
Hi, I upgraded Ubuntu VM OSDisk size from 64 GB to 80 GB by Portal. Now I need to resize root filesystem due to already 100% usage. I tried to resize /dev/sda1 using fdisk and reboot. The problem is after reboot I can't log in…
Are Azure API Management configurations, policies stored encrypted on Azure platform?
In Azure API Management are the configurations such as policies, e.g. SOAP to REST conversion, IP whitelisting, stored encrypted on Azure platform?
Azure Disk Encryption only on OS Disk
i have a short Question about Azure Disk Encryption. I have activated it on aditional Settings and have configured the Option "OS and Data Disk". When i now look at the Diks i can see that only the OS diks is encrypted. I have…
Data encryption keys managment
Hi all, I'm trying to understand if with flexible postgreSQL Database, volume encryption can be configured in a way in which keys are managed by me and not by the system, using a key vault or something similar... I've found that encryption (similar…
Disk Encryption support
Hello, we are considering disk encryption with our own keys. What are the options of troubleshooting the potential issues by MS Support Engineer if any operation fail? Does have MS Support engineer access to my Key Vault or keys? What happened if I…
Is SAN encryption and Bitlocker disk encryption same?
Dear All If i do disk encryption with BitLocker in Windows server is SAN encryption needed for data protection. I want to do it on premises server not in azure. Sorry i have to tags azure-disk-encryption as don't find any other encryption…
Azure Disk Encryption for Windows VMs - Where are the keys?
We encrypt all of our Windows VMs with Azure Disk Encryption, and back them up with Azure Backup. We know the process on how to encrypt VMs and the requirements, etc. We recently had to restore a file from an encrypted disk. Since single file…