Disk Encryption

Jack Vrtar (Admin) 21 Reputation points

How do I get a list of servers by encryption type (SSE/ADE or both)?

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
159 questions
0 comments No comments
{count} votes

Accepted answer
  1. Olga Os - MSFT 5,831 Reputation points Microsoft Employee

    Hey @Jack Vrtar (Admin) ,

    I am just wondering if the below script will work for you.

    Taken from here:

    You can find all ADE-encrypted VMs and the extension version, in all resource groups present in a subscription, using this PowerShell script.

    Alternatively, these cmdlets will show all ADE-encrypted VMs (but not the extension version):

    $osVolEncrypted = {(Get-AzVMDiskEncryptionStatus -ResourceGroupName $_.ResourceGroupName -VMName $_.Name).OsVolumeEncrypted}  
    $dataVolEncrypted= {(Get-AzVMDiskEncryptionStatus -ResourceGroupName $_.ResourceGroupName -VMName $_.Name).DataVolumesEncrypted}  
    Get-AzVm | Format-Table @{Label="MachineName"; Expression={$_.Name}}, @{Label="OsVolumeEncrypted"; Expression=$osVolEncrypted}, @{Label="DataVolumesEncrypted"; Expression=$dataVolEncrypted}  

    Example of the output:



    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Olga O

    0 comments No comments

0 additional answers

Sort by: Most helpful