Shridhar Parameshwar Bhat ShridharParameshwarBhat
ShridharParameshwarBhat
/ RetreiveEncryptionSecretViaUrl.ps1
Created
May 4, 2021 21:34
— forked from vermashi/RetreiveEncryptionSecretViaUrl.ps1
Retrieve Encryption key via secret URL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Param( | |
| [Parameter(Mandatory = $true, | |
| HelpMessage="URL to the secret stored in the keyvault")] | |
| [ValidateNotNullOrEmpty()] | |
| [string]$secretUrl, | |
| [Parameter(Mandatory = $false, | |
| HelpMessage="URL to the KEK")] | |
| [ValidateNotNullOrEmpty()] | |
| [string]$kekUrl, |
ShridharParameshwarBhat
/ RetreiveEncryptionSecretViaUrl.ps1
Created
May 4, 2021 21:35
— forked from killejay/RetreiveEncryptionSecretViaUrl.ps1
Retrieve Encryption key via secret URL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Sample Script Run command (could run without escalation): | |
| # ./RetreiveEncryptionSecretViaUrl.ps1 -secretUrl xxx -kekUrl yyy -secretFilePath Output-KEK-key -vaultrg Resource-group-of-keyvault | |
| Param( | |
| [Parameter(Mandatory = $true, | |
| HelpMessage="keyvault resource group name")] | |
| [ValidateNotNullOrEmpty()] | |
| [string]$vaultrg, | |
| [Parameter(Mandatory = $true, |
ShridharParameshwarBhat
/ GenerateBEKFileForDiskUnlock.ps1
Last active
February 23, 2022 22:33
This is the script to generate the BEK file for unlocking the encrypted disk
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Param( | |
| [Parameter(Mandatory = $true, | |
| HelpMessage="URL of the secret stored in the keyvault")] | |
| [ValidateNotNullOrEmpty()] | |
| [string]$secretUrl, | |
| [Parameter(Mandatory = $true, | |
| HelpMessage="Resource group of keyvault")] | |
| [ValidateNotNullOrEmpty()] | |
| [string]$keyVaultResourceGroup, |
ShridharParameshwarBhat
/ CopyKeys.ps1
Created
May 27, 2021 17:50
Script to copy keys of VMs encrypted with ADE from source region to target region
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### --------------------------------------------------------------- | |
| ### <script name=CopyKeys> | |
| ### <summary> | |
| ### This script copies the disk encryption keys and key encryption | |
| ### keys for Azure Disk Encryption (ADE) enabled VMs from the source | |
| ### region to disaster recovery (DR) region. Azure Site Recovery requires | |
| ### the keys to enable replication for these VMs to another region. | |
| ### </summary> | |
| ### | |
| ### <param name="AllowResourceMoverAccess">Switch parameter indicating if the MSI created by |
ShridharParameshwarBhat
/ ClientCert2passdeployment.json
Last active
October 20, 2021 10:33
Client Cert 2pass deployment script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", | |
| "contentVersion": "1.0.0.0", | |
| "parameters": { | |
| "vmName": { | |
| "type": "string", | |
| "metadata": { | |
| "description": "Name of the virtual machine" | |
| } | |
| }, |
ShridharParameshwarBhat
/ clientcertusekek.json
Last active
October 20, 2021 08:32
Client Cert update vm usekek
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", | |
| "contentVersion": "1.0.0.0", | |
| "parameters": { | |
| "vmName": { | |
| "type": "string", | |
| "metadata": { | |
| "description": "Name of the Virtual Machine" | |
| } | |
| }, |
ShridharParameshwarBhat
/ clientcertnokek.json
Last active
October 20, 2021 08:33
Client cert updatevm no kek
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", | |
| "contentVersion": "1.0.0.0", | |
| "parameters": { | |
| "vmName": { | |
| "type": "string", | |
| "metadata": { | |
| "description": "Name of the Virtual Machine" | |
| } | |
| }, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", | |
| "contentVersion": "1.0.0.0", | |
| "parameters": { | |
| "vmName": { | |
| "type": "string", | |
| "metadata": { | |
| "description": "Name of the virtual machine" | |
| } | |
| }, |