When I try to enable Azure Disk Encryption on an Azure Windows Server 2022 VM, I get the following error:

*Failed to enable Azure Disk Encryption on the VM with the following exception details:Microsoft.Cis.Security.BitLocker.BitlockerIaasVMExtension.BitlockerFailedToSendEncryptionSettingsException: The fault reason was: ' 0xc142506f RUNTIME_E_KEYVAULT_SECRET_WRAP_WITH_KEK_FAILED Key vault secret wrap with key encryption key failed.at Microsoft.Cis.Security.BitLocker.BitlockerIaasVMExtension.WireProtocol.WireProtocolMessage.SendEncryptionSettingsToHost()*

I have enabled Access Policies on the KeyVault. I'm following the instructions here: https://www.starwindsoftware.com/blog/encrypt-your-azure-vm-with-azure-disk-encryption
The KeyVault is in the same tenant as the VM. I have JIT enabled on the VM. Not sure if that's an issue.
Any ideas?
I tried to reproduce the same in my environment and I got the same error, like below:
When I created an Azure Windows Server 2019 VM, Azure Disk Encryption was deployed successfully, like below:
When I check BitLocker Drive Encryption on the server, BitLocker is enabled in the Azure VM and the disk is encrypting successfully, like below: