< Back

Set-AzureRmDiskKeyEncryptionKey

Tue Jan 29, 2019 9:39 pm

NAME Set-AzureRmDiskKeyEncryptionKey



SYNOPSIS

Sets the key encryption key properties on a disk object.





SYNTAX

Set-AzureRmDiskKeyEncryptionKey [-Disk] <PSDisk> [[-KeyUrl] <String>] [[-SourceVaultId] <String>] [-DefaultProfile <IAzureContextContainer>]

[-Confirm] [-WhatIf] [<CommonParameters>]





DESCRIPTION

The Set-AzureRmDiskKeyEncryptionKey cmdlet sets the key encryption key properties on a disk object.





PARAMETERS

-DefaultProfile <IAzureContextContainer>

The credentials, account, tenant, and subscription used for communication with azure.



Required? false

Position? named

Default value None

Accept pipeline input? False

Accept wildcard characters? false



-Disk <PSDisk>

Specifies a local disk object.



Required? true

Position? 0

Default value None

Accept pipeline input? True (ByPropertyName, ByValue)

Accept wildcard characters? false



-KeyUrl <String>

Specifes the key Url.



Required? false

Position? 1

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-SourceVaultId <String>

Specifies the source vault ID.



Required? false

Position? 2

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-Confirm [<SwitchParameter>]

Prompts you for confirmation before running the cmdlet.



Required? false

Position? named

Default value False

Accept pipeline input? False

Accept wildcard characters? false



-WhatIf [<SwitchParameter>]

Shows what would happen if the cmdlet runs. The cmdlet is not run.



Required? false

Position? named

Default value False

Accept pipeline input? False

Accept wildcard characters? false



<CommonParameters>

This cmdlet supports the common parameters: Verbose, Debug,

ErrorAction, ErrorVariable, WarningAction, WarningVariable,

OutBuffer, PipelineVariable, and OutVariable. For more information, see

about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).



INPUTS

Microsoft.Azure.Management.Compute.Models.Disk

System.String





OUTPUTS

Microsoft.Azure.Management.Compute.Models.Disk







NOTES









Example 1



PS C:\\> $diskconfig = New-AzureRmDiskConfig -Location 'Central US' -DiskSizeGB 5 -AccountType StandardLRS -OsType Windows -CreateOption Empty

-EncryptionSettingsEnabled $true;

PS C:\\> $secretUrl = https://myvault.vault-int.azure-int.net/secrets/123/;

PS C:\\> $secretId =

'/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup01/providers/Microsoft.KeyVault/vaults/TestVault123';

PS C:\\> $keyUrl = https://myvault.vault-int.azure-int.net/keys/456;

PS C:\\> $keyId =

'/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup01/providers/Microsoft.KeyVault/vaults/TestVault456';

PS C:\\> $diskconfig = Set-AzureRmDiskDiskEncryptionKey -Disk $diskconfig -SecretUrl $secretUrl -SourceVaultId $secretId;

PS C:\\> $diskconfig = Set-AzureRmDiskKeyEncryptionKey -Disk $diskconfig -KeyUrl $keyUrl -SourceVaultId $keyId;

PS C:\\> New-AzureRmDisk -ResourceGroupName 'ResourceGroup01' -DiskName 'Disk01' -Disk $diskconfig;



The first command creates a local empty disk object with size 5GB in Standard_LRS storage account type. It also sets Windows OS type and enables

encryption settings. The second and third commands set the disk encryption key and key encryption key settings for the disk object. The last

command takes the disk object and creates a disk with name 'Disk01' in resource group 'ResourceGroup01'.







RELATED LINKS

Online Version: https://docs.microsoft.com/en-us/powers ... ryptionkey