162 questions with Azure Disk Encryption tags

Sort by: Updated
Updated Created Answers
1 answer

Why do I not see Encryption at host as an option?

Hi all. I have enabled encryption at host using the following command: egister-AzProviderFeature -FeatureName "EncryptionAtHost" -ProviderNamespace "Microsoft.Compute" After a few minutes i run: Get-AzProviderFeature…

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
asked 2021-09-24T13:58:59.793+00:00
palmer jay 1 Reputation point
answered 2021-09-24T18:10:08.24+00:00
deherman-MSFT 34,196 Reputation points Microsoft Employee
1 answer One of the answers was accepted by the question author.

Why use a Key Encryption Key (KEK)?

What attack scenario(s) does it prevent or mitigate? (Assume that no-one in the org needs access to the key vault)

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
asked 2021-08-22T02:07:14.527+00:00
Iain Shepherd 21 Reputation points
accepted 2021-08-25T00:39:25.897+00:00
Iain Shepherd 21 Reputation points
1 answer

Unable to encrypt OS disk using ADE on windows 2012 r2 VM

I tried encrypting the os disk of my windows 2012 r2 vm but gives below error: Set-AzVMDiskEncryptionExtension : Long running operation failed with status 'Failed'. Additional Info:'VM has reported a failure when processing extension…

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
asked 2021-07-31T07:05:06.563+00:00
Mahitha 21 Reputation points
answered 2021-08-02T10:09:14.333+00:00
Sumarigo-MSFT 44,336 Reputation points Microsoft Employee
2 answers

What are the cons of Azure Disk Encryption?

Before implementing ADE, i want to know its cons/limitations. Please help with the details

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
asked 2021-01-26T12:02:27.6+00:00
Nagender Rathi 11 Reputation points
commented 2021-07-31T18:25:40.93+00:00
Anonymous
2 answers One of the answers was accepted by the question author.

bek volume corruption

Hi I have an Azure VM with ADE enabled I have it backed up to Recovery Services Vault. I've just logged into the VM and its asking me to 'Restart to repair drive errors' and from checking the Event log there's lots of errors caused by corruption on the…

Azure Backup
Azure Backup
An Azure backup service that provides built-in management at scale.
1,149 questions
Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,333 questions
Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
asked 2021-07-05T15:02:20.237+00:00
Archer252 21 Reputation points
answered 2021-07-12T10:05:57.097+00:00
Archer252 21 Reputation points
1 answer One of the answers was accepted by the question author.

Disk Encryption

How do I get a list of servers by encryption type (SSE/ADE or both)?

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
asked 2021-06-23T13:35:35.927+00:00
Jack Vrtar (Admin) 21 Reputation points
accepted 2021-06-24T12:05:23.78+00:00
Jack Vrtar (Admin) 21 Reputation points
0 answers

Bitlocker - Encryption report Intune

Hello, I have a device that has been encrypted by a Bitlocker policy. This device shows up in the Encryption report, however, while the Encryption readiness column shows Ready, and the Device encryption has been completed for 24hrs the status still…

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
asked 2021-06-22T19:20:13.53+00:00
Thomas Mee 1 Reputation point
commented 2021-06-24T07:29:31.23+00:00
Sumarigo-MSFT 44,336 Reputation points Microsoft Employee
1 answer

Managed and unmanaged disk encryption

Hi, I have some questions. I created Key vault and then I did encrypt OS+Data Disk. Now my question is if I will not encrypt it myself then by default it will be encrypted too. see image 4. What is the difference between default encryption…

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
Azure Disk Storage
Azure Disk Storage
A high-performance, durable block storage designed to be used with Azure Virtual Machines and Azure VMware Solution.
584 questions
asked 2021-06-23T12:08:28.153+00:00
HASSAN BIN NASIR DAR 306 Reputation points
answered 2021-06-23T18:42:05.877+00:00
shiva patpi 13,146 Reputation points Microsoft Employee
2 answers

Azure Encrypted VM backup

Hi, I have two VMs in Azure. VM01 disk is encrypted But VM02 disk is not encrypted. I have a backup for VM02. Now I want to create a backup for VM01. Since VM01 has encrypted disk. So my question is, Backup steps for the VM01 are same as VM01 or…

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,791 questions
Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
asked 2021-06-15T13:40:57.353+00:00
HASSAN BIN NASIR DAR 306 Reputation points
commented 2021-06-18T11:38:33.687+00:00
SUNOJ KUMAR YELURU 13,986 Reputation points MVP
1 answer

How to recover data from a BitLocker Encrypted External HD?

I was encrypting my external HDD using Bitlocker. At about 50%, the cable got unplugged. When I connected the HDD again, it says the drive is locked. When I enter the password, it does not accept. When I use the recovery key, it does not accept it…

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
asked 2021-06-06T21:27:24.083+00:00
HM1989 1 Reputation point
commented 2021-06-10T16:21:44.13+00:00
Pranathi Panyam_MSFT 1,006 Reputation points Microsoft Employee
1 answer One of the answers was accepted by the question author.

how to restrict usb drives and other peripherals in windows 10, does bitlocker do, if not, do you have any solution

I would like to manage all USB devices plugged on our computers throughout the domain. I would like to be able to block or unblock any of them, while letting other devices working in windows 10 function, example printer , mouse, keyboard. With GPO its…

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,365 questions
Windows 10 Network
Windows 10 Network
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Network: A group of devices that communicate either wirelessly or via a physical connection.
2,291 questions
Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,763 questions
asked 2021-05-12T17:28:34.81+00:00
Software Registration 21 Reputation points
accepted 2021-05-19T12:47:46.307+00:00
Software Registration 21 Reputation points
1 answer One of the answers was accepted by the question author.

Azure Storage Encryption at the Storage Container Level

We are planning to use a Storage API which will be accessed by some LoB Apps. Some apps will be using one Storage Account belonging to one Business Unit, other Apps will be using a different storage account if they are part of another BU We are using…

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,791 questions
Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,523 questions
Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
asked 2021-05-03T19:24:18.217+00:00
Pallab Chakraborty 401 Reputation points
accepted 2021-05-12T20:13:03.02+00:00
Pallab Chakraborty 401 Reputation points
5 answers

Mounting an Encrypted Data disk (Encrypted with ADE) to another VM from another VM that is being deallocated - Workflow - Clarification requested

Here is a workflow: I have a VM with 2 disks - One is a OS disk and one is a Data Disk (Persistent Disk) I mount the Data disk to the VM and i use ADE Encryption on it using AzureDisEncryptionForLinux VM extension. The key is stored in Azure…

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
asked 2020-09-10T12:04:10.06+00:00
nithya swaminathan 1 Reputation point
answered 2021-04-12T13:25:12.803+00:00
Shekhar Gupta 1 Reputation point
1 answer One of the answers was accepted by the question author.

Intune - BitLocker - Azure AD Joined - Script ?

Hello everyone, I'm newbie with Microsoft Intune, and relatively new in my job. For a client I have to migrate him from AirWatch to Intune, but I have a problem with encryption, my client would like to activate encryption silently on his devices…

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,542 questions
asked 2021-03-26T14:39:01.713+00:00
Julien bastin 21 Reputation points
commented 2021-03-31T08:39:47.357+00:00
Crystal-MSFT 44,831 Reputation points Microsoft Vendor
1 answer

AKS diskEncryptionSetID disk encryption error 'pod has unbound immediate PersistentVolumeClaims'

kubernetesVersion: 1.19.7 agentPoolProfiles.vmSize: Standard_D3_v2 K8S Charts: https://github.com/sunkararp/IgniteChart We followed Link to setup diskEncryptionSetID. Pods are not getting deployed; stuck with error 'pod has unbound…

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,909 questions
Azure Disk Storage
Azure Disk Storage
A high-performance, durable block storage designed to be used with Azure Virtual Machines and Azure VMware Solution.
584 questions
asked 2021-02-20T18:59:37.577+00:00
Porsche Me 131 Reputation points
commented 2021-03-01T16:09:53.527+00:00
Porsche Me 131 Reputation points
2 answers One of the answers was accepted by the question author.

migrate encrypted VM from Azure to AWS cloud

Dear team., There is a requirement of Azure VM with Encrypted Disks (SSE+PMK and with ADE and keys are stored in Azure Key vault) which needs to be migrated from Azure to AWS. For Migrating the Azure encrypted VM's to AWS using AWS SMS or AWS Cloud…

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,155 questions
Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
asked 2021-02-19T17:37:37.257+00:00
Ankit Rathod 371 Reputation points
answered 2021-02-21T06:56:33.047+00:00
Ankit Rathod 371 Reputation points
2 answers

Azure Disk Encryption not working

I'm facing issues while enabling Azure Disk Encryption on a Windows Server 2012 R2 OS disk. I'm getting error as "[2.2.0.36]Failed to configure machine for Bitlocker encryption. Reboot the VM and retry the operation". I have gone through…

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
asked 2021-02-14T06:58:57.853+00:00
Sudheer Kumar 1 Reputation point
answered 2021-02-15T10:28:08.753+00:00
Sumarigo-MSFT 44,336 Reputation points Microsoft Employee
0 answers

Does Azure comply to NIST 800-111 standards

Does encryption for data in rest in Azure storage comply to NIST 800-111 standards

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,791 questions
Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
asked 2020-12-09T22:31:08.687+00:00
Kumar, Karunesh 1 Reputation point
commented 2020-12-22T11:30:15.657+00:00
Sumarigo-MSFT 44,336 Reputation points Microsoft Employee
1 answer

Restoring a VM that used to be encrypted

This is my scenerio I have a VM that is encrypted. I remove the encryption from the drives and remove the encryption extension. I then need later want to restore the VM from a time when it was still encrypted. The restore prompts me that the drive…

Azure Backup
Azure Backup
An Azure backup service that provides built-in management at scale.
1,149 questions
Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
asked 2020-12-16T09:25:46.097+00:00
David Toseland 1 Reputation point
commented 2020-12-21T17:19:54.133+00:00
Sumarigo-MSFT 44,336 Reputation points Microsoft Employee
2 answers One of the answers was accepted by the question author.

Disk Encryption Sets broken after transfer of subscription

Managed Identity of Disk Encryption Set get broken after transfer of my subscription. It says Failed to grant permissions to the key vault 'imlibra-me'. Error: An invalid value was provided for 'accessPolicies'. But when I created an another Disk…

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
162 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,983 questions
asked 2020-12-09T20:33:21.99+00:00
Heting Wang 96 Reputation points
commented 2020-12-11T16:53:23.677+00:00
deherman-MSFT 34,196 Reputation points Microsoft Employee