Forum Discussion
Azure bit locker Encryption
Hi All,
I have 100+ Virtual machines for that i want to enable azure bit locker encryption running single PowerShell script. Is there any script is available that i can refer too?
My All VM's are part of same Resource Group, Location & i am using single key Vault.
Below is the script which i am using where i am specifying single VM name at a time.
$RGName = "RGNAME"
$VMName = "TestVM1"
$VaultName= "TestKV"
$KeyVault = Get-AzKeyVault -VaultName $VaultName -ResourceGroupName $RGName
$DiskEncryptionKeyVaultUrl = $KeyVault.VaultUri
$KeyVaultResourceId = $KeyVault.ResourceId
$VolumeType = "All"
Set-AzVMDiskEncryptionExtension -ResourceGroupName $RGName -VMName $VMName -DiskEncryptionKeyVaultUrl $DiskEncryptionKeyVaultUrl -DiskEncryptionKeyVaultId $KeyVaultResourceId -VolumeType $VolumeType
1 Reply
Try this:
$RGName = "RGNAME" $VMName = "TestVM1" $VaultName= "TestKV" $KeyVault = Get-AzKeyVault -VaultName $VaultName -ResourceGroupName $RGName $DiskEncryptionKeyVaultUrl = $KeyVault.VaultUri $KeyVaultResourceId = $KeyVault.ResourceId $VolumeType = "All" $VMs = Get-AzVM -ResourceGroupName $RGName ForEach ($VM in $VMs) { Set-AzVMDiskEncryptionExtension -ResourceGroupName $RGName -VMName $VM.Name -DiskEncryptionKeyVaultUrl $DiskEncryptionKeyVaultUrl -DiskEncryptionKeyVaultId $KeyVaultResourceId -VolumeType $VolumeType }
