Powershell query to extract azure disk encryption info

MS Techie 2,701 Reputation points
2023-02-22T18:26:23.85+00:00

In azure management group, i want to find the list of all azure disks, with their subscription id , VM name and azure disk encryption info (like platform managed or azure disk encrypted).Do we have a powershell query to fetch such info. Or can we write azure graph explorer query to get disk encryption info and other details. Specific examples would help ..not generic example

Azure
Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.
1,025 questions
Azure Disk Storage
Azure Disk Storage
A high-performance, durable block storage designed to be used with Azure Virtual Machines and Azure VMware Solution.
634 questions
PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,533 questions
{count} votes

2 answers

Sort by: Most helpful
  1. shiva patpi 13,251 Reputation points Microsoft Employee
    2023-02-22T21:09:51.7766667+00:00

    Hello @MS Techie ,

    Can you take a look at the below?

    https://learn.microsoft.com/en-us/answers/questions/1162949/write-a-query-to-see-what-disks-are-encrypted-with

    That has the Kusto query which you can run in Azure group explorer which will give all the details of disk encryption information (CMK & MMK) . Take a look at the 2 queries and you can tweak that properties column to filter out the corresponding values !

    Let us know if you need additional help on this !

    Regards,

    Shiva.


  2. shiva patpi 13,251 Reputation points Microsoft Employee
    2023-02-23T18:56:45.78+00:00

    Hello @MS Techie ,

    Below is the final query which will also display Management Group Name

    resources | where type == "microsoft.compute/disks"
    |extend properties=parse_json(properties), DiskName=name
    | extend encryptiondisktype=properties.encryption.type , DiskName=name,VMName = split(managedBy,"/")[8]
    | join kind=leftouter 
    (
        ResourceContainers
        | where type =~ 'microsoft.resources/subscriptions'
        | extend properties=parse_json(properties)
        | project SubName=properties.managementGroupAncestorsChain[0].displayName , subscriptionId, managementgroupname = properties.managementGroupAncestorsChain[0].displayName
        | project SubName, subscriptionId,managementgroupname
    )
    on $left.subscriptionId == $right.subscriptionId
    | project DiskName ,VMName, SubName,subscriptionId,encryptiondisktype,managementgroupname
    
    

    User's image

    Let us know if you need additional help.

    Regards,

    Shiva.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.