You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/batch/disk-encryption.md
+8-4Lines changed: 8 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -23,21 +23,25 @@ Batch will apply one of these disk encryption technologies on compute nodes, bas
23
23
-[Encryption at host using a platform-managed Key](../virtual-machines/disk-encryption.md#encryption-at-host---end-to-end-encryption-for-your-vm-data)
24
24
-[Azure Disk Encryption](../virtual-machines/disk-encryption-overview.md)
25
25
26
-
You won't be able to specify which encryption method will be applied to the nodes in your pool. Instead, you provide the target disks you want to encrypt on their nodes, and Batch can choose the appropriate encryption method, ensuring the specified disks are encrypted on the compute node.
26
+
You won't be able to specify which encryption method will be applied to the nodes in your pool. Instead, you provide the target disks you want to encrypt on their nodes, and Batch can choose the appropriate encryption method, ensuring the specified disks are encrypted on the compute node. The following image depicts how Batch makes that choice.
27
27
28
28
> [!IMPORTANT]
29
29
> If you are creating your pool with a Linux [custom image](batch-sig-images.md), you can only enable disk encryption only if your pool is using an [Encryption At Host Supported VM size](../virtual-machines/disk-encryption.md#supported-vm-sizes).
30
30
> Encryption At Host is not currently supported on User Subscription Pools until the feature becomes [publicly available in Azure](../virtual-machines/disks-enable-host-based-encryption-portal.md#prerequisites).
31
31
32
+
33
+
34
+
Some disk encryption configurations require that the VM family of the pool supports encryption at host. See [End-to-end encryption using encryption at host](../virtual-machines/disks-enable-host-based-encryption-portal.md) to determine which VM families support encryption at host.
35
+
32
36
## Azure portal
33
37
34
-
When creating a Batch pool in the the Azure portal, select either **TemporaryDisk** or **OsAndTemporaryDisk** under **Disk Encryption Configuration**.
38
+
When creating a Batch pool in the Azure portal, select either**OsDisk**,**TemporaryDisk** or **OsAndTemporaryDisk** under **Disk Encryption Configuration**.
35
39
36
-
:::image type="content" source="media/disk-encryption/portal-view.png" alt-text="Screenshot of the Disk Encryption Configuration option in the Azure portal.":::
40
+
37
41
38
42
After the pool is created, you can see the disk encryption configuration targets in the pool's **Properties** section.
39
43
40
-
:::image type="content" source="media/disk-encryption/configuration-target.png" alt-text="Screenshot showing the disk encryption configuration targets in the Azure portal.":::
44
+
0 commit comments