Azure 快速入门模板目前提供英文版
This template enables encryption on a running windows vm.
此 Azure Resource Manager (ARM) 模板由社区的某个成员(而不是由 Microsoft)创建。每个 ARM 模板都根据其所有者(不是 Microsoft)的许可协议向你授予许可。Microsoft 不对由社区成员提供并授予许可的 ARM 模板负责,并且不针对安全性、兼容性和性能进行筛选。社区 ARM 模板不由任何 Microsoft 支持计划或服务提供支持,按“原样”提供,没有任何种类的担保。
参数
| 参数名 | 说明 |
|---|---|
| vmName | Name of the virtual machine. |
| keyVaultName | Name of the KeyVault to place the volume encryption key |
| enabledForDeployment | Specifies whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. |
| enabledForDiskEncryption | Specifies whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. |
| enabledForTemplateDeployment | Specifies whether Azure Resource Manager is permitted to retrieve secrets from the key vault. |
| keysPermissions | Specifies the permissions to keys in the vault. Valid values are: all, encrypt, decrypt, wrapKey, unwrapKey, sign, verify, get, list, create, update, import, delete, backup, restore, recover, and purge. |
| secretsPermissions | Specifies the permissions to secrets in the vault. Valid values are: all, get, list, set, delete, backup, restore, recover, and purge. |
| skuName | Specifies whether the key vault is a standard vault or a premium vault. |
| location | Location of the resources. |
使用模板
PowerShell
New-AzResourceGroup -Name <resource-group-name> -Location <resource-group-location> #use this command when you need to create a new resource group for your deployment安装和配置 Azure PowerShell
New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.compute/encrypt-running-windows-vm/azuredeploy.json
命令行
az group create --name <resource-group-name> --location <resource-group-location> #use this command when you need to create a new resource group for your deployment安装和配置 Azure 跨平台命令行界面
az group deployment create --resource-group <my-resource-group> --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.compute/encrypt-running-windows-vm/azuredeploy.json