Azure Managed Disks recently announced general availability for server-side encryption (SSE) with customer-managed keys (CMK). This means, alongside encryption with platform managed keys that is enabled by default for all Azure Managed Disks, every disk can also be encrypted with a disk encryption set (customer managed key) that is owned and managed by the end user to protect their data on the cloud.
DevTest Labs now enables this feature to be configured at lab level for all virtual machines created as part of the lab. As mentioned above, all OS disks and data disks created as part of a DevTest Lab are encrypted using platform-managed keys. As a lab owner you can choose to encrypt lab virtual machine OS disks using your own disk encryption set. Please note that, currently encryption with a customer managed key is in preview and only supported for DevTest Lab OS disks; support for data disks is coming soon.
With this, the lab users don't need to worry about configuring this setting for their individual lab virtual machines - the lab takes care of this for them, thus making it easy to create and use lab virtual machines in a secure manner.
Try this feature today and let us know what you think in the comments section. Have a question? Post it on our Azure DevTest Labs Forum
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.