Disk Encryption

Jack Vrtar (Admin) 21 Reputation points

How do I get a list of servers by encryption type (SSE/ADE or both)?

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
109 questions
No comments
{count} votes

Accepted answer
  1. Olga Osinskaya - MSFT 3,836 Reputation points Microsoft Employee

    Hey @Jack Vrtar (Admin) ,

    I am just wondering if the below script will work for you.

    Taken from here:

    You can find all ADE-encrypted VMs and the extension version, in all resource groups present in a subscription, using this PowerShell script.

    Alternatively, these cmdlets will show all ADE-encrypted VMs (but not the extension version):

    $osVolEncrypted = {(Get-AzVMDiskEncryptionStatus -ResourceGroupName $_.ResourceGroupName -VMName $_.Name).OsVolumeEncrypted}  
    $dataVolEncrypted= {(Get-AzVMDiskEncryptionStatus -ResourceGroupName $_.ResourceGroupName -VMName $_.Name).DataVolumesEncrypted}  
    Get-AzVm | Format-Table @{Label="MachineName"; Expression={$_.Name}}, @{Label="OsVolumeEncrypted"; Expression=$osVolEncrypted}, @{Label="DataVolumesEncrypted"; Expression=$dataVolEncrypted}  

    Example of the output:



    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Olga O

0 additional answers

Sort by: Most helpful