Skip to content

Commit 858004a

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #216485 from stevevi/steveviAzureGov11
Reverse IL5 disk encryption coverage pending DISA feedback
2 parents 77dbbcf + 2892bed commit 858004a

File tree

1 file changed

+12
-8
lines changed

1 file changed

+12
-8
lines changed

articles/azure-government/documentation-government-impact-level-5.md

Lines changed: 12 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ ms.custom: references_regions, ignite-2022
77
author: stevevi
88
ms.author: stevevi
99
recommendations: false
10-
ms.date: 10/21/2022
10+
ms.date: 10/30/2022
1111
---
1212

1313
# Isolation guidelines for Impact Level 5 workloads
@@ -171,17 +171,21 @@ Virtual machine scale sets aren't currently supported on Azure Dedicated Host. B
171171
> [!IMPORTANT]
172172
> As new hardware generations become available, some VM types might require reconfiguration (scale up or migration to a new VM SKU) to ensure they remain on properly dedicated hardware. For more information, see **[Virtual machine isolation in Azure](../virtual-machines/isolation.md).**
173173
174-
#### Disk encryption options
174+
#### Disk encryption for virtual machines
175175

176-
There are several types of encryption available for your managed disks supporting virtual machines and virtual machine scale sets:
176+
You can encrypt the storage that supports these virtual machines in one of two ways to support necessary encryption standards.
177177

178-
- Azure Disk Encryption
179-
- Server-side encryption of Azure Disk Storage
180-
- Encryption at host
181-
- Confidential disk encryption
178+
- Use Azure Disk Encryption to encrypt the drives by using dm-crypt (Linux) or BitLocker (Windows):
179+
- [Enable Azure Disk Encryption for Linux](../virtual-machines/linux/disk-encryption-overview.md)
180+
- [Enable Azure Disk Encryption for Windows](../virtual-machines/windows/disk-encryption-overview.md)
181+
- Use Azure Storage service encryption for storage accounts with your own key to encrypt the storage account that holds the disks:
182+
- [Storage service encryption with customer-managed keys](../storage/common/customer-managed-keys-configure-key-vault.md)
182183

183-
All these options enable you to have sole control over encryption keys. For more information, see [Overview of managed disk encryption options](../virtual-machines/disk-encryption-overview.md).
184+
#### Disk encryption for virtual machine scale sets
184185

186+
You can encrypt disks that support virtual machine scale sets by using Azure Disk Encryption:
187+
188+
- [Encrypt disks in virtual machine scale sets](../virtual-machine-scale-sets/disk-encryption-key-vault.md)
185189

186190
## Containers
187191

0 commit comments

Comments
 (0)