voltron/PowerCLI-Example-Scripts
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update VMware.VMEncryption.psm1

Browse Source
This commit is contained in:
simonfangyingzhang
2018-04-27 04:45:44 +01:00
committed by GitHub
parent 29719d6ca7
commit 049e621fb6
1 changed files with 8 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
Modules/VMware.VMEncryption/VMware.VMEncryption.psm1
View File

@@ -69,18 +69,18 @@ New-VIProperty -Name vMotionEncryption -ObjectType VirtualMachine -Value {
$VM.ExtensionData.Config.MigrateEncryption $VM.ExtensionData.Config.MigrateEncryption
} -BasedOnExtensionProperty 'Config.MigrateEncryption' -Force | Out-Null } -BasedOnExtensionProperty 'Config.MigrateEncryption' -Force | Out-Null
New-VIProperty -Name KMSserver -ObjectType VirtualMachine -Value {
Param ($VM)
if ($VM.Encrypted) {
$VM.EncryptionKeyId.ProviderId.Id
}
} -BasedOnExtensionProperty 'Config.KeyId' -Force | Out-Null
New-VIProperty -Name Encrypted -ObjectType HardDisk -Value { New-VIProperty -Name Encrypted -ObjectType HardDisk -Value {
Param ($hardDisk) Param ($hardDisk)
$hardDisk.ExtensionData.Backing.KeyId -ne $null $hardDisk.ExtensionData.Backing.KeyId -ne $null
} -BasedOnExtensionProperty 'Backing.KeyId' -Force | Out-Null } -BasedOnExtensionProperty 'Backing.KeyId' -Force | Out-Null
New-VIProperty -Name EncryptionKeyId -ObjectType HardDisk -Value {
Param ($Disk)
if ($Disk.Encrypted) {
$Disk.ExtensionData.Backing.KeyId
}
} -BasedOnExtensionProperty 'Backing.KeyId' -Force | Out-Null
New-VIProperty -Name KMSserver -ObjectType VMHost -Value { New-VIProperty -Name KMSserver -ObjectType VMHost -Value {
Param ($VMHost) Param ($VMHost)
if ($VMHost.CryptoSafe) { if ($VMHost.CryptoSafe) {
@@ -88,13 +88,6 @@ New-VIProperty -Name KMSserver -ObjectType VMHost -Value {
} }
} -BasedOnExtensionProperty 'Runtime.CryptoKeyId.ProviderId.Id' -Force | Out-Null } -BasedOnExtensionProperty 'Runtime.CryptoKeyId.ProviderId.Id' -Force | Out-Null
New-VIProperty -Name EncryptionKeyId -ObjectType HardDisk -Value {
Param ($Disk)
if ($Disk.Encrypted) {
$Disk.ExtensionData.Backing.KeyId
}
} -BasedOnExtensionProperty 'Backing.KeyId' -Force | Out-Null
Function Enable-VMHostCryptoSafe { Function Enable-VMHostCryptoSafe {
<# <#
.SYNOPSIS .SYNOPSIS
@@ -983,7 +976,7 @@ Function Set-VMDiskEncryptionKey {
C:\PS>$KMSCluster = Get-KMSCluster | select -last 1 C:\PS>$KMSCluster = Get-KMSCluster | select -last 1
C:\PS>$VM = Get-VM -Name win2012 C:\PS>$VM = Get-VM -Name win2012
C:\PS>$HardDisk = get-vm $vm|Get-HardDisk C:\PS>$HardDisk = get-vm $vm|Get-HardDisk
C:\PS>$HardDisk|Set-VMDiskEncryptionKey -VM $VM -KMSClusterId $KMSCluster.Id -Deep C:\PS>$HardDisk| Set-VMDiskEncryptionKey -VM $VM -KMSClusterId $KMSCluster.Id -Deep
Deep rekeys all the disks of the $VM using a new key. Deep rekeys all the disks of the $VM using a new key.
The key is generated from the KMS whose clusterId is $KMSCluster.Id. The key is generated from the KMS whose clusterId is $KMSCluster.Id.