I was asked to create a small PowerShell script to provide a short summary for the auditing department of every single virtual machine in any given subscription and their disk’s current encryption status.
I created the small block of commands to come up with the data required. You can use that as a start to get more advanced reporting of your environment.
$ResourceGroupname = "ResourceGroupName" $VMs = Get-AzVM -ResourceGroupName $ResourceGroupname foreach ($VM in $VMs) { $tmpEncryption = Get-AzVMDiskEncryptionStatus -VMName $VM.Name -ResourceGroupName $VM.ResourceGroupName Write-Host "VM Name......: " $VM.Name Write-Host "OS Disk......: " $tmpEncryption.OSVolumeEncrypted Write-Host "Data Disk....: " $tmpEncryption.DataVolumesEncrypted }
Hi Anderson
Thanks for this Script.
Could you please share any PS script in which we can get below details along with Disk Encryption Status of Each VMs
VmName, ResourceGroupName, Region, VmSize, VirtualNetwork, Subnet, PrivateIpAddress, OsType, PublicIPAddress , SKU, Encryption, Backup Configured , Backup Policy and other detaisdetails you want to add
Currently using below scrip for some information.
#Provide the subscription Id where the VMs reside
#$subscriptionId = “xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx”
#Provide the name of the csv file to be exported
$reportName = “myReport.csv”
#Select-AzSubscription $subscriptionId
$report = @()
$vms = Get-AzVM
$RG = Get-AzResourceGroup
$publicIps = Get-AzPublicIpAddress
$nics = Get-AzNetworkInterface | ?{ $_.VirtualMachine -NE $null}
foreach ($nic in $nics) {
$info = “” | Select VmName, ResourceGroupName, Region, VmSize, VirturalNetwork, Subnet, PrivateIpAddress, OsType, PublicIPAddress , Encryption ,SKU
$vm = $vms | ? -Property Id -eq $nic.VirtualMachine.id
foreach($publicIp in $publicIps) {
if($nic.IpConfigurations.id -eq $publicIp.ipconfiguration.Id) {
$info.PublicIPAddress = $publicIp.ipaddress
}
}
$info.OsType = $vm.StorageProfile.OsDisk.OsType
$info.SKU = $vm.StorageProfile.ImageReference.Sku
$info.VMName = $vm.Name
$info.ResourceGroupName = $vm.ResourceGroupName
$info.Region = $vm.Location
$info.VmSize = $vm.HardwareProfile.VmSize
$info.VirturalNetwork = $nic.IpConfigurations.subnet.Id.Split(“/”)[-3]
$info.Subnet = $nic.IpConfigurations.subnet.Id.Split(“/”)[-1]
$info.PrivateIpAddress = $nic.IpConfigurations.PrivateIpAddress
$report+=$info
}
$report | ft VmName, ResourceGroupName, Region, VmSize, VirtualNetwork, Subnet, PrivateIpAddress, OsType, PublicIPAddress , Encryption ,SKU
$report | Export-CSV “$home/$reportName”
if you can modify and add required fields then it will be greatful.
Thanks in Advance
Hi, Can we fetch below extension details as well using a script? Please help.
Name :AzureDiskEncryption :
Type :Microsoft.Azure.Security.AzureDiskEncryption
Version : 2.*