Creates an encrypted managed disk from an encrypted VHD.

上次更新时间: 2017/2/22

This template allows you to create an encrypted managed disk using an existing encrypted VHD and encryption settings.

此 Azure Resource Manager (ARM) 模板由社区的某个成员(而不是由 Microsoft)创建。每个 ARM 模板都根据其所有者(不是 Microsoft)的许可协议向你授予许可。Microsoft 不对由社区成员提供并授予许可的 ARM 模板负责,并且不针对安全性、兼容性和性能进行筛选。社区 ARM 模板不由任何 Microsoft 支持计划或服务提供支持,按“原样”提供,没有任何种类的担保。

参数

参数名 说明
vhdUri Storage VHD Uri
managedDiskName Name of the managed disk to be copied
keyVaultResourceID KeyVault resource id. Ex: /subscriptions/subscriptionid/resourceGroups/contosorg/providers/Microsoft.KeyVault/vaults/contosovault
keyVaultSecretUrl KeyVault secret Url. Ex: https://contosovault.vault.azure.net/secrets/contososecret/e088818e865e48488cf363af16dea596
useExistingKek Select kek if the secret is encrypted with a key encryption key and pass explicit keyVaultKekUrl. For nokek, you can keep keyVaultKekUrl empty.
kekUrl key encryption key Url. Ex: https://contosovault.vault.azure.net/keys/contosokek/562a4bb76b524a1493a6afe8e536ee78
kekVaultResourceID key encryption key vault resource id. Ex: /subscriptions/subscriptionid/resourceGroups/contosorg/providers/Microsoft.KeyVault/vaults/contosovault

使用模板

PowerShell

New-AzureRmResourceGroupDeployment -Name <deployment-name> -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/azure/azure-quickstart-templates/master/201-create-encrypted-managed-disk/azuredeploy.json
安装和配置 Azure PowerShell

命令行

azure config mode arm
azure group deployment create <my-resource-group> <my-deployment-name> --template-uri https://raw.githubusercontent.com/azure/azure-quickstart-templates/master/201-create-encrypted-managed-disk/azuredeploy.json
安装和配置 Azure 跨平台命令行界面