This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 73%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hello guys,
I've followed this article (https://learn.microsoft.com/en-us/azure/virtual-machines/disks-enable-customer-managed-keys-portal) to configure KeyVault to store customer key and apply this CMK to VM OS disk and it would appear that the procedure was successful (in the portal I can see my disks with "SSE with CMK" encryption) but if I try to check the encryption status with this command:
Get-AzVmDiskEncryptionStatus -ResourceGroupName "myRG" -VMName "MyVM"
the output is:
OsVolumeEncrypted : NotEncrypted
DataVolumesEncrypted : NotEncrypted
OsVolumeEncryptionSettings :
ProgressMessage : No Encryption extension or metadata found on the VM
Is this the correct command to verify the encryption status of the VM disks? or I need to execute some other tasks to accomplish this procedure?
thanks!
Hi Andrea,
Please use command similar to below:
(Get-AzDisk -ResourceGroupName myRG -DiskName myDisk).Encryption
The command you were using is for Azure Disk Encryption (ADE) which is different. You are using Server Side Encryption (SSE).
Please click Accept Answer and upvote if the above was helpful.
Thanks.
-TP
Hello Andrea
If the above answer is helpful, could you please consider accepting it as answer for the benefit of community.