When you create an encrypted virtual machine from the vSphere Client, you can select which virtual disks that you add during virtual machine creation are encrypted. You can decrypt virtual disks that are encrypted by using the Edit VM Storage Policies option.
This task describes how to change the encryption policy using storage policies. You can also use the Edit Settings menu to make this change.
- You must have the privilege.
- Ensure that the virtual machine is powered off.
- Connect to vCenter Server by using the vSphere Client.
- Right-click the virtual machine and select .
- Change the storage policy.
You cannot encrypt the virtual disk of an unencrypted VM.
- To change the storage policy for the VM and its hard disks, select an encryption storage policy and click OK.
- To encrypt the VM but not the virtual disks, toggle on Configure per disk, select the encryption storage policy for VM Home and other storage policies for the virtual disks, and click OK.
- If you prefer, you can change the storage policy from the Edit Settings menu.
- Right-click the virtual machine and select Edit Settings.
- Select the Virtual Hardware tab, expand a hard disk, and select an encryption policy from the drop-down menu.
- Click OK.