Skip to content

Commit 7689029

Browse files
authored
Merge pull request #100976 from roygara/existingCMK
Existing cmk workflow
2 parents e6734b1 + 7c818f8 commit 7689029

File tree

6 files changed

+28
-4
lines changed

6 files changed

+28
-4
lines changed

articles/virtual-machines/linux/disk-encryption.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ title: Server-side encryption of Azure Managed Disks - Azure CLI
33
description: Azure Storage protects your data by encrypting it at rest before persisting it to Storage clusters. You can rely on Microsoft-managed keys for the encryption of your managed disks, or you can use customer-managed keys to manage encryption with your own keys.
44
author: roygara
55

6-
ms.date: 01/10/2020
6+
ms.date: 01/13/2020
77
ms.topic: conceptual
88
ms.author: rogarana
99
ms.service: virtual-machines-linux

articles/virtual-machines/windows/disk-encryption.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ title: Server-side encryption of Azure Managed Disks - PowerShell
33
description: Azure Storage protects your data by encrypting it at rest before persisting it to Storage clusters. You can rely on Microsoft-managed keys for the encryption of your managed disks, or you can use customer-managed keys to manage encryption with your own keys.
44
author: roygara
55

6-
ms.date: 01/10/2020
6+
ms.date: 01/13/2020
77
ms.topic: conceptual
88
ms.author: rogarana
99
ms.service: virtual-machines-windows
80.8 KB
Loading
136 KB
Loading
59.8 KB
Loading

includes/virtual-machines-disks-encryption-portal.md

Lines changed: 26 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55
author: roygara
66
ms.service: virtual-machines
77
ms.topic: include
8-
ms.date: 01/10/2020
8+
ms.date: 01/13/2020
99
ms.author: rogarana
1010
ms.custom: include file
1111
---
@@ -81,4 +81,28 @@ The VM deployment process is similar to the standard deployment process, the onl
8181
1. Select your disk encryption set in the **Disk encryption set** drop-down.
8282
1. Make the remaining selections as you like.
8383

84-
![sse-create-vm-select-cmk-encryption-set.png](media/virtual-machines-disk-encryption-portal/sse-create-vm-select-cmk-encryption-set.png)
84+
![sse-create-vm-select-cmk-encryption-set.png](media/virtual-machines-disk-encryption-portal/sse-create-vm-select-cmk-encryption-set.png)
85+
86+
#### Enable on an existing disk
87+
88+
To manage and configure disk encryption on your existing disks, you must use the following link: https://aka.ms/diskencryptionsets. Enabling customer-managed keys on existing disks is not yet available in the global Azure portal.
89+
90+
> [!CAUTION]
91+
> Enabling disk encryption on any disks attached to a VM will require that you stop the VM.
92+
93+
1. Navigate to a VM which is in the same region as one of your disk encryption sets.
94+
1. Open the VM and select **Stop**.
95+
96+
![sse-stop-VM-to-encrypt-disk.png](media/virtual-machines-disk-encryption-portal/sse-stop-VM-to-encrypt-disk.png)
97+
98+
1. After the VM has finished stopping, select **Disks** and then select the disk you want to encrypt.
99+
100+
![sse-existing-disk-select.png](media/virtual-machines-disk-encryption-portal/sse-existing-disk-select.png)
101+
102+
1. Select **Encryption** and select **Encryption at rest with a customer-managed key** and then select your disk encryption set in the drop-down list.
103+
1. Select **Save**.
104+
105+
![sse-encrypt-existing-disk-customer-managed-key.png](media/virtual-machines-disk-encryption-portal/sse-encrypt-existing-disk-customer-managed-key.png)
106+
107+
1. Repeat this process for any other disks attached to the VM you'd like to encrypt.
108+
1. When your disks finish switching over to customer-managed keys, if there are no there no other attached disks you'd like to encrypt, you may start your VM.

0 commit comments

Comments
 (0)