< Back
Set-AzureRmDiskKeyEncryptionKey
Post
NAME Set-AzureRmDiskKeyEncryptionKey
SYNOPSIS
Sets the key encryption key properties on a disk object.
SYNTAX
Set-AzureRmDiskKeyEncryptionKey [-Disk] <PSDisk> [[-KeyUrl] <String>] [[-SourceVaultId] <String>] [-DefaultProfile <IAzureContextContainer>]
[-Confirm] [-WhatIf] [<CommonParameters>]
DESCRIPTION
The Set-AzureRmDiskKeyEncryptionKey cmdlet sets the key encryption key properties on a disk object.
PARAMETERS
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure.
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-Disk <PSDisk>
Specifies a local disk object.
Required? true
Position? 0
Default value None
Accept pipeline input? True (ByPropertyName, ByValue)
Accept wildcard characters? false
-KeyUrl <String>
Specifes the key Url.
Required? false
Position? 1
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-SourceVaultId <String>
Specifies the source vault ID.
Required? false
Position? 2
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
Microsoft.Azure.Management.Compute.Models.Disk
System.String
OUTPUTS
Microsoft.Azure.Management.Compute.Models.Disk
NOTES
Example 1
PS C:\\> $diskconfig = New-AzureRmDiskConfig -Location 'Central US' -DiskSizeGB 5 -AccountType StandardLRS -OsType Windows -CreateOption Empty
-EncryptionSettingsEnabled $true;
PS C:\\> $secretUrl = https://myvault.vault-int.azure-int.net/secrets/123/;
PS C:\\> $secretId =
'/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup01/providers/Microsoft.KeyVault/vaults/TestVault123';
PS C:\\> $keyUrl = https://myvault.vault-int.azure-int.net/keys/456;
PS C:\\> $keyId =
'/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup01/providers/Microsoft.KeyVault/vaults/TestVault456';
PS C:\\> $diskconfig = Set-AzureRmDiskDiskEncryptionKey -Disk $diskconfig -SecretUrl $secretUrl -SourceVaultId $secretId;
PS C:\\> $diskconfig = Set-AzureRmDiskKeyEncryptionKey -Disk $diskconfig -KeyUrl $keyUrl -SourceVaultId $keyId;
PS C:\\> New-AzureRmDisk -ResourceGroupName 'ResourceGroup01' -DiskName 'Disk01' -Disk $diskconfig;
The first command creates a local empty disk object with size 5GB in Standard_LRS storage account type. It also sets Windows OS type and enables
encryption settings. The second and third commands set the disk encryption key and key encryption key settings for the disk object. The last
command takes the disk object and creates a disk with name 'Disk01' in resource group 'ResourceGroup01'.
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... ryptionkey
SYNOPSIS
Sets the key encryption key properties on a disk object.
SYNTAX
Set-AzureRmDiskKeyEncryptionKey [-Disk] <PSDisk> [[-KeyUrl] <String>] [[-SourceVaultId] <String>] [-DefaultProfile <IAzureContextContainer>]
[-Confirm] [-WhatIf] [<CommonParameters>]
DESCRIPTION
The Set-AzureRmDiskKeyEncryptionKey cmdlet sets the key encryption key properties on a disk object.
PARAMETERS
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure.
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-Disk <PSDisk>
Specifies a local disk object.
Required? true
Position? 0
Default value None
Accept pipeline input? True (ByPropertyName, ByValue)
Accept wildcard characters? false
-KeyUrl <String>
Specifes the key Url.
Required? false
Position? 1
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-SourceVaultId <String>
Specifies the source vault ID.
Required? false
Position? 2
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
Microsoft.Azure.Management.Compute.Models.Disk
System.String
OUTPUTS
Microsoft.Azure.Management.Compute.Models.Disk
NOTES
Example 1
PS C:\\> $diskconfig = New-AzureRmDiskConfig -Location 'Central US' -DiskSizeGB 5 -AccountType StandardLRS -OsType Windows -CreateOption Empty
-EncryptionSettingsEnabled $true;
PS C:\\> $secretUrl = https://myvault.vault-int.azure-int.net/secrets/123/;
PS C:\\> $secretId =
'/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup01/providers/Microsoft.KeyVault/vaults/TestVault123';
PS C:\\> $keyUrl = https://myvault.vault-int.azure-int.net/keys/456;
PS C:\\> $keyId =
'/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup01/providers/Microsoft.KeyVault/vaults/TestVault456';
PS C:\\> $diskconfig = Set-AzureRmDiskDiskEncryptionKey -Disk $diskconfig -SecretUrl $secretUrl -SourceVaultId $secretId;
PS C:\\> $diskconfig = Set-AzureRmDiskKeyEncryptionKey -Disk $diskconfig -KeyUrl $keyUrl -SourceVaultId $keyId;
PS C:\\> New-AzureRmDisk -ResourceGroupName 'ResourceGroup01' -DiskName 'Disk01' -Disk $diskconfig;
The first command creates a local empty disk object with size 5GB in Standard_LRS storage account type. It also sets Windows OS type and enables
encryption settings. The second and third commands set the disk encryption key and key encryption key settings for the disk object. The last
command takes the disk object and creates a disk with name 'Disk01' in resource group 'ResourceGroup01'.
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... ryptionkey