Azure BitLocker Encryption

Hi All,

I have 100+ virtual machines for which I want to enable Azure BitLocker encryption by running a single PowerShell script. Is there any script available that I can refer to?

All my VMs are part of the same resource group and location, and I am using a single Key Vault.

Below is the script I am using, where I specify a single VM name at a time.

$RGName = "RGNAME"
$VMName = "TestVM1"
$VaultName= "TestKV"
$KeyVault = Get-AzKeyVault -VaultName $VaultName -ResourceGroupName $RGName
$DiskEncryptionKeyVaultUrl = $KeyVault.VaultUri
$KeyVaultResourceId = $KeyVault.ResourceId
$VolumeType = "All"
Set-AzVMDiskEncryptionExtension -ResourceGroupName $RGName -VMName $VMName -DiskEncryptionKeyVaultUrl $DiskEncryptionKeyVaultUrl -DiskEncryptionKeyVaultId $KeyVaultResourceId -VolumeType $VolumeType

 

  

1 Reply

@nirmalmcse02

Try this:

$RGName = "RGNAME"
$VMName = "TestVM1"
$VaultName= "TestKV"
$KeyVault = Get-AzKeyVault -VaultName $VaultName -ResourceGroupName $RGName
$DiskEncryptionKeyVaultUrl = $KeyVault.VaultUri
$KeyVaultResourceId = $KeyVault.ResourceId
$VolumeType = "All"


# Get every VM in the resource group
$VMs = Get-AzVM -ResourceGroupName $RGName

# Enable the disk encryption extension on each VM in turn
ForEach ($VM in $VMs)
{
    Set-AzVMDiskEncryptionExtension -ResourceGroupName $RGName -VMName $VM.Name -DiskEncryptionKeyVaultUrl $DiskEncryptionKeyVaultUrl -DiskEncryptionKeyVaultId $KeyVaultResourceId -VolumeType $VolumeType
}