Copy managed disks to same or different subscription with CLI
This article contains two scripts. The first script copies a managed disk that's using platform-managed keys to same or different subscription but in the same region. The second script copies a managed disk that's using customer-managed keys to the same or a different subscription in the same region. Either copy only works when the subscriptions are part of the same Microsoft Entra tenant.
If you don't have an Azure subscription, create an Azure free account before you begin.
Prerequisites
Use the Bash environment in Azure Cloud Shell. For more information, see Quickstart for Bash in Azure Cloud Shell.
If you prefer to run CLI reference commands locally, install the Azure CLI. If you're running on Windows or macOS, consider running Azure CLI in a Docker container. For more information, see How to run the Azure CLI in a Docker container.
If you're using a local installation, sign in to the Azure CLI by using the az login command. To finish the authentication process, follow the steps displayed in your terminal. For other sign-in options, see Sign in with the Azure CLI.
When you're prompted, install the Azure CLI extension on first use. For more information about extensions, see Use extensions with the Azure CLI.
Run az version to find the version and dependent libraries that are installed. To upgrade to the latest version, run az upgrade.
Sample script
Launch Azure Cloud Shell
The Azure Cloud Shell is a free interactive shell that you can use to run the steps in this article. It has common Azure tools preinstalled and configured to use with your account.
To open the Cloud Shell, just select Try it from the upper right corner of a code block. You can also launch Cloud Shell in a separate browser tab by going to https://shell.azure.com.
When Cloud Shell opens, verify that Bash is selected for your environment. Subsequent sessions will use Azure CLI in a Bash environment, Select Copy to copy the blocks of code, paste it into the Cloud Shell, and press Enter to run it.
Sign in to Azure
Cloud Shell is automatically authenticated under the initial account signed-in with. Use the following script to sign in using a different subscription, replacing <Subscription ID> with your Azure Subscription ID. If you don't have an Azure subscription, create an Azure free account before you begin.
subscription="<subscriptionId>" # add subscription here
az account set -s $subscription # ...or use 'az login'
For more information, see set active subscription or log in interactively
Disks with platform-managed keys
#Provide the subscription Id of the subscription where managed disk exists
sourceSubscriptionId="<subscriptionId>"
#Provide the name of your resource group where managed disk exists
sourceResourceGroupName=mySourceResourceGroupName
#Provide the name of the managed disk
managedDiskName=myDiskName
#Set the context to the subscription Id where managed disk exists
az account set --subscription $sourceSubscriptionId
#Get the managed disk Id
managedDiskId=$(az disk show --name $managedDiskName --resource-group $sourceResourceGroupName --query [id] -o tsv)
#If managedDiskId is blank then it means that managed disk does not exist.
echo 'source managed disk Id is: ' $managedDiskId
#Provide the subscription Id of the subscription where managed disk will be copied to
targetSubscriptionId=6492b1f7-f219-446b-b509-314e17e1efb0
#Name of the resource group where managed disk will be copied to
targetResourceGroupName=mytargetResourceGroupName
#Set the context to the subscription Id where managed disk will be copied to
az account set --subscription $targetSubscriptionId
#Copy managed disk to different subscription using managed disk Id
az disk create --resource-group $targetResourceGroupName --name $managedDiskName --source $managedDiskId
Disks with customer-managed keys
#Provide the subscription Id of the subscription where managed disk exists
sourceSubscriptionId="<subscriptionId>"
#Provide the name of your resource group where managed disk exists
sourceResourceGroupName=mySourceResourceGroupName
#Provide the name of the managed disk
managedDiskName=myDiskName
#Provide the name of the target disk encryption set
diskEncryptionSetName=myName
#Provide the target disk encryption set resource group
diskEncryptionResourceGroup=myGroup
#Set the context to the subscription Id where managed disk exists
az account set --subscription $sourceSubscriptionId
#Get the managed disk Id
managedDiskId=$(az disk show --name $managedDiskName --resource-group $sourceResourceGroupName --query [id] -o tsv)
#If managedDiskId is blank then it means that managed disk does not exist.
echo 'source managed disk Id is: ' $managedDiskId
#Get the disk encryption set ID
diskEncryptionSetId=$(az disk-encryption-set show --name $diskEncryptionSetName --resource-group $diskEncryptionResourceGroup)
#Provide the subscription Id of the subscription where managed disk will be copied to
targetSubscriptionId=6492b1f7-f219-446b-b509-314e17e1efb0
#Name of the resource group where managed disk will be copied to
targetResourceGroupName=mytargetResourceGroupName
#Set the context to the subscription Id where managed disk will be copied to
az account set --subscription $targetSubscriptionId
#Copy managed disk to different subscription using managed disk Id and disk encryption set ID
#Add --location parameter to change the location
az disk create -g $targetResourceGroupName -n $managedDiskName --source $managedDiskId --disk-encryption-set $diskEncrpytonSetId
Clean up resources
Run the following command to remove the resource group, VM, and all related resources.
az group delete --name mySourceResourceGroupName
Sample reference
This script uses following commands to create a new managed disk in the target subscription using the Id of the source managed disk. Each command in the table links to command specific documentation.
| Command | Notes |
|---|---|
| az disk show | Gets all the properties of a managed disk using the name and resource group properties of the managed disk. The Id property is used to copy the managed disk to different subscription. |
| az disk create | Copies a managed disk by creating a new managed disk in different subscription using the Id and name the parent managed disk. |
Next steps
Create a virtual machine from a managed disk
For more information on the Azure CLI, see Azure CLI documentation.
More virtual machine and managed disks CLI script samples can be found in the Azure Linux VM documentation.