Convert Azure VM Security Type - Trusted Launch to Standard to Enable ASR on existing workloads.
This document outlines the process for changing the Azure VM Security Type from Trusted Launch to Standard to enable Azure Site Recovery (ASR) on existing workloads. Trusted Launch is a way to enable foundational compute security on Azure Generation 2 VMs. It protects your virtual machines against advanced and persistent attack techniques like boot kits and rootkits by combining infrastructure technologies such as Secure Boot, vTPM, and Boot Integrity Monitoring. Currently, Azure Site Recovery does not support Trusted Launch VMs, despite the Azure Portal defaulting to Trusted Launch when deploying virtual machines. This limitation has caused issues for customers who build environments with the default Trusted Launch setting, only to discover that ASR cannot be enabled. As a result, the entire environment often needs to be rebuilt...