Hello,
Environment: vSphere 8.0 U1.
Question: How can I see if a VMDK has been encrypted? (VMware level virtual disk encryption)
For testing purposed, I created a new Windows 11 VM via the "add new VM wizard and chose Windows 11 64bit as the OS. It added the vTPM by itself and I just went through the wizard with the defaults.
Then, in vCenter, in the VM's "Virtual Machine Details" pane, it says "Encrypted with native key provider". It also shows a small lock icon which, when I hover the mouse-pointer over it, it displays "VM configuration files are encrypted.".
If I take that last statement literally, only the config files are encrypted and the VMDK is not.
I'm having a discussion with folks that say "don't take that statement with a grain of salt, everything is encrypted incl. the VMDK".
So, how do I verify/prove that the virtual disk, the VMDK, is indeed encrypted or not?
I cannot find the answer to this question in the documentation and if I google it, I only get replies on how to enable encryption etc. but that is NOT what I'm asking.
Note: I am aware of the PowerCLI module for VM Encryption on GitHub, but so far, all I get is this:
get-vm “Win11-Test” | Get-VMEncryptionInfo
Name Value
---- -----
profile
connectState connected
name Win11-Test
disks {}
keyId VMware.Vim.CryptoKeyId
Can I interpret the value of "disks" being empty, and of and "keyID" not showing an ID, that this VM's single VMDK is not encrypted?
Tnx