Fixing ARM deployment errors for Linux disk encryption

When running ARM templates to deploy Linux with disk encryption on Azure I encountered a few errors. The errors where coming when I rerun the same template multiple times. In this post I explain the errors and how I fixed them.

Error: … is not a valid versioned Key Vault Secret URL
Continue reading “Fixing ARM deployment errors for Linux disk encryption”

Keep your ARM deployment secrets in the Key Vault

Keep your deployment secret secure in the key vault when using ARM templates to deploy into Azure

When creating new resource in Azure that have secrets like passwords or ssl certificates you can securely save them in the Key Vault and get them from the Key Vault when you deploy. Only the people who need access to the secrets can read and write them to the Key Vault. In a infrastructure as code scenario the secrets are supplied when deploying your templates to Azure. The code it self will be free of secrets.
Continue reading “Keep your ARM deployment secrets in the Key Vault”

Restarting Azure VMs after encrypting the disks

When deploying Azure VMs with disk encryption you have to restart the VM. The disc encrypting part is an async process that finishes after the arm templates are finished. It can take up to and hour before the whole disk is encrypted. To make life easier I made a powershell script that checks the status of the encrypted disks and if the VM needs a restart:
Continue reading “Restarting Azure VMs after encrypting the disks”

Deploy a Marketplace Linux VM with disk encryption using ARM templates

Protect your data at rest with disk encryption on Linux VMs and deploying them as Infrastructure as Code.

disk-encryption-vm-on-azure
VM with disk encryption

Continue reading “Deploy a Marketplace Linux VM with disk encryption using ARM templates”