I am trying to get Azure Storage's encryption status from command line or programatically but could not find any relevant cmdlet(https://docs.microsoft.com/en-us/powershell/module/azure.storage/get-azurestorageserviceproperty?view=azurermps-6.13.0). I can check that manually from portal like this
is it avilable to check through any command line or we have to check only through portal ?
You could use the command below, make sure you have installed the Az module.
(Get-AzResource -ResourceGroupName <group-name> -ResourceType Microsoft.Storage/storageAccounts -Name <storageaccount-name>).Properties.encryption | ConvertTo-Json
If the Encryption type is Microsoft-managed keys, the keySource will be Microsoft.Storage.
If the Encryption type is Customer-managed keys, the keySource will be Microsoft.Keyvault, keyvaultproperties will include the properties of the keyvault key you configured.
You can make use of Get-AzStorageAccount PowerShell Cmdlet.
$props = Get-AzStorageAccount -ResourceGroupName "your-resource-group-name" -Name "storageaccount-name"
$keySource = $props.Encryption.KeySource
$keySource should tell you the encryption type used. In my case, it printed Microsoft.Storage
