Disk Encryption

Jack Vrtar (Admin) 21 Reputation points
2021-06-23T13:35:35.927+00:00

How do I get a list of servers by encryption type (SSE/ADE or both)?

Azure Disk Encryption
Azure Disk Encryption
An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
109 questions
Accepted answer
  1. Olga Osinskaya - MSFT 3,836 Reputation points Microsoft Employee
    2021-06-23T21:58:58.343+00:00

    Hey @Jack Vrtar (Admin) ,

    I am just wondering if the below script will work for you.

    Taken from here:

    You can find all ADE-encrypted VMs and the extension version, in all resource groups present in a subscription, using this PowerShell script.

    Alternatively, these cmdlets will show all ADE-encrypted VMs (but not the extension version):

    $osVolEncrypted = {(Get-AzVMDiskEncryptionStatus -ResourceGroupName $_.ResourceGroupName -VMName $_.Name).OsVolumeEncrypted}  
$dataVolEncrypted= {(Get-AzVMDiskEncryptionStatus -ResourceGroupName $_.ResourceGroupName -VMName $_.Name).DataVolumesEncrypted}  
Get-AzVm | Format-Table @{Label="MachineName"; Expression={$_.Name}}, @{Label="OsVolumeEncrypted"; Expression=$osVolEncrypted}, @{Label="DataVolumesEncrypted"; Expression=$dataVolEncrypted}

    Example of the output:

    108782-image.png

    108716-image.png

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Sincerely,
    Olga O

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest