New-AzDiskEncryptionSetConfig
建立可設定的磁碟加密集物件。
Syntax
New-AzDiskEncryptionSetConfig
[-Location] <String>
[[-Tag] <Hashtable>]
[[-IdentityType] <String>]
[[-SourceVaultId] <String>]
[-KeyUrl <String>]
[-EncryptionType <String>]
[-RotationToLatestKeyVersionEnabled <Boolean>]
[-FederatedClientId <String>]
[-UserAssignedIdentity <Hashtable>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
建立可設定的磁碟加密集物件。
範例
範例 1
$config = New-AzDiskEncryptionSetConfig -Location 'westcentralus' -KeyUrl "https://valut1.vault.azure.net:443/keys/key1/mykey" -SourceVaultId '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.KeyVault/vaults/vault1' -IdentityType 'SystemAssigned'
$config | New-AzDiskEncryptionSet -ResourceGroupName 'rg1' -Name 'enc1'
使用金鑰保存庫中的指定使用中金鑰建立磁碟加密集。
範例 2
$userAssignedIdentities = @{ "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}" = @{}};
$config = New-AzDiskEncryptionSetConfig -Location 'westcentralus' -KeyUrl "https://valut1.vault.azure.net:443/keys/key1/mykey" -SourceVaultId '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.KeyVault/vaults/vault1' -IdentityType 'UserAssigned' -RotationToLatestKeyVersionEnabled $True -UserAssignedIdentity $userAssignedIdentities -FederatedClientId "13ebe945-1314-41b4-8b58-f3784e0dd278"
$config | New-AzDiskEncryptionSet -ResourceGroupName 'rg1' -Name 'enc1'
使用 UserAssignedIdentity 和 FederatedClientId
參數
-Confirm
執行 Cmdlet 之前先提示您確認。
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DefaultProfile
用於與 Azure 通訊的認證、帳戶、租用戶和訂用帳戶。
Type: | IAzureContextContainer |
Aliases: | AzContext, AzureRmContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-EncryptionType
使用此設定磁碟加密集的加密類型。 可用的值為:『EncryptionAtRestWithPlatformKey』、『EncryptionAtRestWithCustomerKey』。
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-FederatedClientId
多租使用者應用程式用戶端識別碼,以存取不同租使用者中的密鑰保存庫。
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-IdentityType
DiskEncryptionSet 所使用的受控識別類型。 僅支援 SystemAssigned。
Type: | String |
Position: | 2 |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-KeyUrl
指向 KeyVault 中作用中金鑰的 URL
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Location
指定位置。
Type: | String |
Position: | 0 |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-RotationToLatestKeyVersionEnabled
取得或設定將此旗標設定為 true,以啟用此磁碟加密的自動更新
Type: | Nullable<T>[Boolean] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-SourceVaultId
包含使用中金鑰之 KeyVault 的資源識別碼。
Type: | String |
Position: | 3 |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Tag
哈希表形式的索引鍵/值組。 例如:@{key0=“value0”;key1=$null;key2=“value2”}
Type: | Hashtable |
Position: | 1 |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-UserAssignedIdentity
與磁碟加密集相關聯的使用者身分識別清單。 使用者身分識別字典索引鍵參考的格式為 ARM 資源標識符:'/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'。
Type: | Hashtable |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-WhatIf
顯示執行 Cmdlet 後會發生的情況。 未執行 Cmdlet。
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
輸入
輸出
意見反應
https://aka.ms/ContentUserFeedback。
即將登場:在 2024 年,我們將逐步淘汰 GitHub 問題作為內容的意見反應機制,並將它取代為新的意見反應系統。 如需詳細資訊,請參閱:提交並檢視相關的意見反應