我使用azure python模块将非托管数据磁盘附加到vm。我想知道有没有办法创建加密的非托管磁盘?
我使用以下代码创建并将datadisk附加到vm
def attach(clientid,clientsecret,tenantid,subscription_id):
credentials = ServicePrincipalCredentials(client_id = clientid,secret = clientsecret,tenant = tenantid)
compute_client = ComputeManagementClient(credentials, subscription_id)
vm = compute_client.virtual_machines.get(
'AzureARM-SanRamon-New-ResGrp',
'az-win229'
)
disk=[{
'name': 'mydatadisk6',
'disk_size_gb': 1,
'lun': 6,
'vhd': {
'uri' : "http://{}.blob.core.windows.net/vhds/mydatadisk6.vhd".format(
'crimasterdisks791')
},
'create_option': 'empty'
},{
'name': 'mydatadisk7',
'disk_size_gb': 1,
'lun': 7,
'vhd': {
'uri' : "http://{}.blob.core.windows.net/vhds/mydatadisk7.vhd".format(
'crimasterdisks791')
},
'create_option': 'empty'
}]
for each_disk in disk:
vm.storage_profile.data_disks.append(each_disk)
async_update = compute_client.virtual_machines.create_or_update(
'AzureARM-SanRamon-New-ResGrp',
'az-win229',
vm,
)
async_update.wait()
但是这是创建一个未加密的pageblob vhd并附加到vm.I想在这里提供一些选项来加密将要创建的blob vhd。现在可能吗?
您可以创建磁盘,将其附加到vm并使用OS功能进行加密(bitlocker \ dm-crypt)。你也可以使用Azure VM Encryption extension。