Azure磁盘加密Linux VM密钥轮换
[英]Azure Disk Encryption Linux VM key rotation
问题描述
So, lets say I've encrypted Linux VM on Azure (boy, the docs are awful). 
所以,可以说我已经在Azure上加密了Linux VM(男孩,文档太糟糕了)。 How do I rotate the keys? 如何旋转按键? Is it even possible? 可能吗? Right now I see that Azure offers passphrase encryption. 现在,我看到Azure提供了密码加密。 I suppose you can't really "rotate" that? 我想你真的不能“旋转”那个吗?
But let's imagine I've used KEK (key encryption keys) to encrypt passphrase which is used to encrypt Linux VM, I don't think there's a way to rotate that except for remove encryption\\enable encryption? 但是,让我们想象一下,我已经使用KEK(密钥加密密钥)来加密用于加密Linux VM的密码,除了删除加密\\启用加密之外,我认为没有办法旋转它吗?
Am I missing something? 我想念什么吗?
vm encoded with Passphrase which is in turn encrypted with kek 使用Passphrase编码的vm,然后使用kek加密
1 个解决方案
解决方案1
0 已采纳 2019-04-19 12:26:46
Quote: 引用:
To rotate secrets, just call the same command you used originally to enable disk encryption, specifying a different Key Vault.
https://docs.microsoft.com/en-us/azure/security/azure-security-disk-encryption-faq#how-do-i-rotate-secrets-or-encryption-keys https://docs.microsoft.com/en-us/azure/security/azure-security-disk-encryption-faq#how-do-i-rotate-secrets-or-encryption-keys
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.