Enable encryption on a running Windows VM without AAD

Azure Public Test Date Azure Public Test Result

Azure US Gov Last Test Date Azure US Gov Last Test Result

Best Practice Check Cred Scan Check

Deploy To Azure Deploy To Azure US Gov Visualize

This template enables encryption on a running windows VM without needing an AAD application.

Prerequisites: Create a KeyVault in the same subscription and region as the VM and set EnabledForDiskEncryption access policy

  1. Set-AzureRmKeyVaultAccessPolicy -ResourceGroupName -VaultName -EnabledForDiskEncryption

Tags: AzureDiskEncryption

References: White paper - https://azure.microsoft.com/documentation/articles/azure-security-disk-encryption/

Tags: Microsoft.Compute/virtualMachines/extensions, [variables('extensionName')]