Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Important
Azure Disk Encryption is scheduled for retirement on September 15, 2028. Until that date, you can continue to use Azure Disk Encryption without disruption. On September 15, 2028, ADE-enabled workloads will continue to run, but encrypted disks will fail to unlock after VM reboots, resulting in service disruption.
Use encryption at host for new VMs. All ADE-enabled VMs (including backups) must migrate to encryption at host before the retirement date to avoid service disruption. See Migrate from Azure Disk Encryption to encryption at host for details.
You can encrypt or decrypt Linux Virtual Machine Scale Sets using Azure Resource Manager templates.
Deploying templates
First, select the template that fits your scenario.
Enable disk encryption on a running Linux Virtual Machine Scale Set
Enable disk encryption on a running Windows Virtual Machine Scale Set
Disable disk encryption on a running Linux Virtual Machine Scale Set
Disable disk encryption on a running Windows Virtual Machine Scale Set
Then follow these steps:
- Click Deploy to Azure.
- Fill in the required fields then agree to the terms and conditions.
- Click Purchase to deploy the template.
Note
Virtual Machine Scale Set encryption is supported with API version 2017-03-30 onwards. If you are using templates to enable scale set encryption, update the API version for Virtual Machine Scale Sets and the ADE extension inside the template. See this sample template for more information.
Next steps
- Azure Disk Encryption for Virtual Machine Scale Sets
- Encrypt a Virtual Machine Scale Sets using the Azure CLI
- Encrypt a Virtual Machine Scale Sets using the Azure PowerShell
- Create and configure a key vault for Azure Disk Encryption
- Use Azure Disk Encryption with Virtual Machine Scale Set extension sequencing