Skip to main content

Encrypt a Virtual Machine

This tutorial guides you through encrypting an IaaS VMware virtual machine from the Console portal.

Prerequisites

  1. Key Provider (HSM/KMS):

    • A key provider must be configured on the vStack. (If no key provider is configured, please contact support via a ticket.)
    • Ensure the key provider is properly enabled.

  2. Virtual Machine State:

    • The virtual machine must be powered off.
    • The virtual machine must not be in spp mode 'test'.
    • The virtual machine must not already be encrypted.
    • The virtual machine must not have any snapshots.
    • The virtual machine must not be replicated.

Interface

After logging into the Console web portal, navigate to the 'IaaS' menu, then the 'Configuration' submenu, and select the 'vCenters' tab to check whether encryption is enabled for the specific vStack.

Next, go to the 'Virtual Machines' submenu and select the virtual machine you wish to encrypt.

In the virtual machine's general information, you will find the status indicating whether the machine is already encrypted or not.

If the virtual machine meets the prerequisites, proceed with the process by clicking the toolbar button displaying a lock icon labeled 'Encrypt Virtual Machine'.

A confirmation window will appear—select Encrypt.

Once the operation is complete, you should see the updated status indicating that your virtual machine is now encrypted.