Azure – You can now enable trusted launch on existing virtual machines

As you may already know, you have been able to create virtual machines on Azure with trusted launch capabilities – Secure Boot, vTPM…

Until now, you could not enable trusted launch on existing VMs.

After a few months in private preview, you can now enable it on existing virtual machines.

Of course, existing virtual machines must meet the requirements for enabling trusted launch as listed here: https://learn.microsoft.com/en-us/azure/virtual-machines/trusted-launch/.

To enable trusted launch on your virtual machine, sign in to the Azure portal (https://portal.azure.com/) and shut down the virtual machine before updating the Security type.


Once trusted launch is selected, you can then select the security features you want to enable.

You can also, of course, use a PowerShell script to do it in bulk:

Connect-AzAccount -SubscriptionId <subscription ID>

Stop-AzVM -ResourceGroupName <resource group> -Name <virtual machine name>

Get-AzVM -ResourceGroupName <resource group> -VMName <virtual machine name> | Update-AzVM -SecurityType TrustedLaunch -EnableSecureBoot $true -EnableVtpm $true

Start-AzVM -ResourceGroupName <resource group> -Name <virtual machine name>
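
The commands above handle one virtual machine. The script below is an added example, not part of the original post, that applies the same steps to every VM in a resource group and reports the resulting security profile. It assumes Connect-AzAccount has already been run, that each OS disk is a managed disk in the same resource group as its VM, and the parameter name $ResourceGroupName is my own.

```powershell
param(
    [Parameter(Mandatory)] [string] $ResourceGroupName   # placeholder: your resource group
)
# Assumes Connect-AzAccount has already been run against the right subscription.
$names = (Get-AzVM -ResourceGroupName $ResourceGroupName).Name

$report = foreach ($name in $names) {
    $vm = Get-AzVM -ResourceGroupName $ResourceGroupName -Name $name
    $status = 'Converted'

    if ($vm.SecurityProfile.SecurityType -eq 'TrustedLaunch') {
        $status = 'Skipped: already TrustedLaunch'
    }
    else {
        # Trusted launch needs a Generation 2 VM; the generation is recorded on the OS disk.
        # Assumption: managed OS disk in the same resource group as the VM.
        $disk = Get-AzDisk -ResourceGroupName $ResourceGroupName `
            -DiskName $vm.StorageProfile.OsDisk.Name -ErrorAction SilentlyContinue
        if ($disk.HyperVGeneration -ne 'V2') { $status = 'Skipped: OS disk is not Generation 2' }
    }

    if ($status -eq 'Converted') {
        try {
            # Remember the power state so VMs that were already stopped stay stopped.
            $power = (Get-AzVM -ResourceGroupName $ResourceGroupName -Name $name -Status).Statuses |
                Where-Object Code -like 'PowerState/*'
            Stop-AzVM -ResourceGroupName $ResourceGroupName -Name $name -Force -ErrorAction Stop | Out-Null
            Get-AzVM -ResourceGroupName $ResourceGroupName -VMName $name |
                Update-AzVM -SecurityType TrustedLaunch -EnableSecureBoot $true -EnableVtpm $true `
                    -ErrorAction Stop | Out-Null
            if ($power.Code -eq 'PowerState/running') {
                Start-AzVM -ResourceGroupName $ResourceGroupName -Name $name -ErrorAction Stop | Out-Null
            }
        }
        catch { $status = "Failed: $($_.Exception.Message)" }
    }

    # Re-read the VM so the report shows what Azure actually applied.
    $after = Get-AzVM -ResourceGroupName $ResourceGroupName -Name $name
    [pscustomobject]@{
        VM           = $name
        Result       = $status
        SecurityType = $after.SecurityProfile.SecurityType
        SecureBoot   = $after.SecurityProfile.UefiSettings.SecureBootEnabled
        VTpm         = $after.SecurityProfile.UefiSettings.VTpmEnabled
    }
}
$report | Format-Table -AutoSize
```

A VM whose update fails partway is left stopped and shows up in the report with a Failed result, so check those rows before assuming the whole group is protected.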
