Skip to content

Commit 17be2ea

Browse files
committed
Updated temporary disk terminology
1 parent d0d1b61 commit 17be2ea

File tree

6 files changed

+8
-10
lines changed

6 files changed

+8
-10
lines changed

articles/virtual-machines/linux/disk-encryption-faq.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ This article provides answers to frequently asked questions (FAQ) about Azure Di
1616

1717
## What is Azure Disk Encryption for Linux VMs?
1818

19-
Azure Disk Encryption for Linux VMs uses the dm-crypt feature of Linux to provide full disk encryption of the OS disk* and data disks. Additionally, it provides encryption of the temporary resource disk when using the [EncryptFormatAll feature](disk-encryption-linux.md#use-encryptformatall-feature-for-data-disks-on-linux-vms). The content flows encrypted from the VM to the Storage backend. Thereby, providing end-to-end encryption with a customer-managed key.
19+
Azure Disk Encryption for Linux VMs uses the dm-crypt feature of Linux to provide full disk encryption of the OS disk* and data disks. Additionally, it provides encryption of the temporary disk when using the [EncryptFormatAll feature](disk-encryption-linux.md#use-encryptformatall-feature-for-data-disks-on-linux-vms). The content flows encrypted from the VM to the Storage backend. Thereby, providing end-to-end encryption with a customer-managed key.
2020

2121
See [Supported VMs and operating systems](disk-encryption-overview.md#supported-vms-and-operating-systems).
2222

@@ -56,7 +56,7 @@ Storage server-side encryption encrypts Azure managed disks in Azure Storage. Ma
5656

5757
## How is Azure Disk Encryption different from Storage server-side encryption with customer-managed key and when should I use each solution?
5858

59-
Azure Disk Encryption provides end-to-end encryption for the OS disk, data disks, and the temporary resource disk, using a customer-managed key.
59+
Azure Disk Encryption provides end-to-end encryption for the OS disk, data disks, and the temporary disk, using a customer-managed key.
6060
- If your requirements include encrypting all of the above and end-to-end encryption, use Azure Disk Encryption.
6161
- If your requirements include encrypting only data at rest with customer-managed key, then use [Server-side encryption with customer-managed keys](disk-encryption.md). You cannot encrypt a disk with both Azure Disk Encryption and Storage server-side encryption with customer-managed keys.
6262
- If your Linux distro is not listed under [supported operating systems for Azure Disk Encryption](disk-encryption-overview.md#supported-operating-systems) or you are using a scenario called out in the [unsupported scenarios for Windows](disk-encryption-linux.md#unsupported-scenarios), consider [Server-side encryption with customer-managed keys](disk-encryption.md).

articles/virtual-machines/linux/disk-encryption-linux-aad.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -158,7 +158,7 @@ The following table lists Resource Manager template parameters for existing or r
158158
## <a name="bkmk_EFA"> </a>Use the EncryptFormatAll feature for data disks on Linux IaaS VMs
159159
The EncryptFormatAll parameter reduces the time for Linux data disks to be encrypted. Partitions that meet certain criteria are formatted (with their current file system). Then they're remounted back to where they were before command execution. If you want to exclude a data disk that meets the criteria, you can unmount it before you run the command.
160160
161-
After you run this command, any drives that were mounted previously are formatted. Then the encryption layer starts on top of the now empty drive. When this option is selected, the temporary resource disk attached to the VM is also encrypted. If the ephemeral drive is reset, it's reformatted and re-encrypted for the VM by the Azure Disk Encryption solution at the next opportunity.
161+
After you run this command, any drives that were mounted previously are formatted. Then the encryption layer starts on top of the now empty drive. When this option is selected, the temporary disk attached to the VM is also encrypted. If the ephemeral drive is reset, it's reformatted and re-encrypted for the VM by the Azure Disk Encryption solution at the next opportunity.
162162
163163
>[!WARNING]
164164
> EncryptFormatAll shouldn't be used when there's needed data on a VM's data volumes. You can exclude disks from encryption by unmounting them. Try out the EncryptFormatAll parameter on a test VM first to understand the feature parameter and its implication before you try it on the production VM. The EncryptFormatAll option formats the data disk, so all the data on it will be lost. Before you proceed, verify that any disks you want to exclude are properly unmounted. </br></br>

articles/virtual-machines/linux/disk-encryption-linux.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ ms.custom: seodec18
1414
# Azure Disk Encryption scenarios on Linux VMs
1515

1616

17-
Azure Disk Encryption for Linux virtual machines (VMs) uses the DM-Crypt feature of Linux to provide full disk encryption of the OS disk and data disks. Additionally, it provides encryption of the temporary resource disk when using the EncryptFormatAll feature.
17+
Azure Disk Encryption for Linux virtual machines (VMs) uses the DM-Crypt feature of Linux to provide full disk encryption of the OS disk and data disks. Additionally, it provides encryption of the temporary disk when using the EncryptFormatAll feature.
1818

1919
Azure Disk Encryption is [integrated with Azure Key Vault](disk-encryption-key-vault.md) to help you control and manage the disk encryption keys and secrets. For an overview of the service, see [Azure Disk Encryption for Linux VMs](disk-encryption-overview.md).
2020

@@ -212,7 +212,7 @@ For more information about configuring the Linux VM disk encryption template, se
212212
213213
The **EncryptFormatAll** parameter reduces the time for Linux data disks to be encrypted. Partitions meeting certain criteria will be formatted, along with their current file systems, then remounted back to where they were before command execution. If you wish to exclude a data disk that meets the criteria, you can unmount it before running the command.
214214
215-
After running this command, any drives that were mounted previously will be formatted, and the encryption layer will be started on top of the now empty drive. When this option is selected, the temporary resource disk attached to the VM will also be encrypted. If the ephemeral drive is reset, it will be reformatted and re-encrypted for the VM by the Azure Disk Encryption solution at the next opportunity. Once the resource disk gets encrypted, the [Microsoft Azure Linux Agent](https://docs.microsoft.com/azure/virtual-machines/extensions/agent-linux) will not be able to manage the resource disk and enable the swap file, but you may manually configure the swap file.
215+
After running this command, any drives that were mounted previously will be formatted, and the encryption layer will be started on top of the now empty drive. When this option is selected, the temporary disk attached to the VM will also be encrypted. If the temporary disk is reset, it will be reformatted and re-encrypted for the VM by the Azure Disk Encryption solution at the next opportunity. Once the resource disk gets encrypted, the [Microsoft Azure Linux Agent](https://docs.microsoft.com/azure/virtual-machines/extensions/agent-linux) will not be able to manage the resource disk and enable the swap file, but you may manually configure the swap file.
216216
217217
>[!WARNING]
218218
> EncryptFormatAll shouldn't be used when there is needed data on a VM's data volumes. You may exclude disks from encryption by unmounting them. You should first try out the EncryptFormatAll first on a test VM, understand the feature parameter and its implication before trying it on the production VM. The EncryptFormatAll option formats the data disk and all the data on it will be lost. Before proceeding, verify that disks you wish to exclude are properly unmounted. </br></br>

articles/virtual-machines/linux/disk-encryption-overview-aad.md

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -22,8 +22,6 @@ The information in these sections remains the same:
2222
- [Additional VM requirements](disk-encryption-overview.md#additional-vm-requirements)
2323

2424

25-
26-
2725
## Networking and Group Policy
2826

2927
To enable the Azure Disk Encryption feature by using the older AAD parameter syntax, the infrastructure as a service (IaaS) VMs must meet the following network endpoint configuration requirements:

articles/virtual-machines/windows/disk-encryption-faq.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ This article provides answers to frequently asked questions (FAQ) about Azure Di
1616

1717
## What is Azure Disk Encryption for Windows VMs?
1818

19-
Azure Disk Encryption for Windows VMs uses the Bitlocker feature of Windows to provide full disk encryption of the OS disk and data disks. Additionally, it provides encryption of the temporary resource disk when the [VolumeType parameter is All](disk-encryption-windows.md#enable-encryption-on-a-newly-added-data-disk). The content flows encrypted from the VM to the Storage backend. Thereby, providing end-to-end encryption with a customer-managed key.
19+
Azure Disk Encryption for Windows VMs uses the Bitlocker feature of Windows to provide full disk encryption of the OS disk and data disks. Additionally, it provides encryption of the temporary disk when the [VolumeType parameter is All](disk-encryption-windows.md#enable-encryption-on-a-newly-added-data-disk). The content flows encrypted from the VM to the Storage backend. Thereby, providing end-to-end encryption with a customer-managed key.
2020

2121
See [Supported VMs and operating systems](disk-encryption-overview.md#supported-vms-and-operating-systems).
2222

@@ -56,7 +56,7 @@ Storage server-side encryption encrypts Azure managed disks in Azure Storage. Ma
5656

5757
## How is Azure Disk Encryption different from Storage server-side encryption with customer-managed key and when should I use each solution?
5858

59-
Azure Disk Encryption provides end-to-end encryption for the OS disk, data disks, and the temporary resource disk with a customer-managed key.
59+
Azure Disk Encryption provides end-to-end encryption for the OS disk, data disks, and the temporary disk with a customer-managed key.
6060

6161
- If your requirements include encrypting all of the above and end-to-end encryption, use Azure Disk Encryption.
6262
- If your requirements include encrypting only data at rest with customer-managed key, then use [Server-side encryption with customer-managed keys](disk-encryption.md). You cannot encrypt a disk with both Azure Disk Encryption and Storage server-side encryption with customer managed keys.

articles/virtual-machines/windows/disk-encryption-windows.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ ms.custom: seodec18
1313

1414
# Azure Disk Encryption scenarios on Windows VMs
1515

16-
Azure Disk Encryption for Windows virtual machines (VMs) uses the Bitlocker feature of Windows to provide full disk encryption of the OS disk and data disk. Additionally, it provides encryption of the temporary resource disk when the VolumeType parameter is All.
16+
Azure Disk Encryption for Windows virtual machines (VMs) uses the Bitlocker feature of Windows to provide full disk encryption of the OS disk and data disk. Additionally, it provides encryption of the temporary disk when the VolumeType parameter is All.
1717

1818
Azure Disk Encryption is [integrated with Azure Key Vault](disk-encryption-key-vault.md) to help you control and manage the disk encryption keys and secrets. For an overview of the service, see [Azure Disk Encryption for Windows VMs](disk-encryption-overview.md).
1919

0 commit comments

Comments
 (0)