locked
Few Queries about ADE for Linux and Windows VMs RRS feed

  • Question

  • In MS Documentation it is mentioned in the below URI that while encrypting Linux VMs, the VM should be considered unavailable

    and one shouldn't do SSH to the VM

    https://docs.microsoft.com/en-us/azure/virtual-machines/linux/disk-encryption-linux 

    1) Is it true for Windows VMs too? I mean can a user work on a Windows VM while encryption is going on, is it transparent to the user?

    2) A linux VM will reboot after encryption is completed, is it true for a Windows VM also?

    3) Is ADE not supported on unmanaged disks? 


    Pallab Chakraborty

    Tuesday, February 18, 2020 7:21 PM

Answers

  • It supports both managed and unmanaged disks, unmanaged disk should remain at the same location. It won't change from un-managed to managed disk. 

    Kindly let us know if the above helps or you need further assistance on this issue. 
    ------------------------------------------------------------------------------------------

    Do click on "Mark as Answer" and Upvote on the post that helps you, this can be beneficial to other community members.

    Thursday, February 20, 2020 6:26 PM
  • I am following on this thread ,if the above suggestion was helpful. And, if you have any further query do let us know.

     Just checking in to see if the above answer helped. If this answers your query, do click “Mark as Answer” and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.

    • Marked as answer by Palchak Monday, February 24, 2020 9:26 PM
    Monday, February 24, 2020 7:35 PM

All replies

  • @Palchak Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused.
    • They can work while you are in the start of the process. 
    • Encrypting or disabling encryption may cause a VM to reboot.
    • You can encrypt the unmanaged disk, You can create the disk, attach it to vm and encrypt with OS features (bitlocker\dm-crypt). You can use Azure VM Encryption extension as well.

    You can perform Virtual Machine disk encryption for unmanaged disk through PowerShell or template, also Azure CLI.

    You can upload the encrypted VHD to your storage account and the encryption key material to your key vault. Then, provide the encryption configuration to enable encryption on a new Azure VM. For details about the steps follow Encryption workflow. And the command example here.

    Hope this helps! 

    Kindly let us know if the above helps or you need further assistance on this issue. 
    ------------------------------------------------------------------------------------------

    Do click on "Mark as Answer" and Upvote on the post that helps you, this can be beneficial to other community members.

    Thursday, February 20, 2020 6:04 AM
  • Sumanth,

    When i ran the az powershell command to do ADE on my Windows VM, after the encryption got over, i saw the disk become a premium SSD of 127 GB and it became a managed disk.

    So my question is, isn't ADE supported on unmanaged disk, my earlier disk was a normal HDD disk in my own storage account. The storage account is empty now


    Pallab Chakraborty

    Thursday, February 20, 2020 5:21 PM
  • It supports both managed and unmanaged disks, unmanaged disk should remain at the same location. It won't change from un-managed to managed disk. 

    Kindly let us know if the above helps or you need further assistance on this issue. 
    ------------------------------------------------------------------------------------------

    Do click on "Mark as Answer" and Upvote on the post that helps you, this can be beneficial to other community members.

    Thursday, February 20, 2020 6:26 PM
  • I am following on this thread ,if the above suggestion was helpful. And, if you have any further query do let us know.

     Just checking in to see if the above answer helped. If this answers your query, do click “Mark as Answer” and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.

    • Marked as answer by Palchak Monday, February 24, 2020 9:26 PM
    Monday, February 24, 2020 7:35 PM