This is a question that looks like it gets asked once every 5-6 years, so I'll put it out there again now!
What is the best way to sanitize a VM from vCenter attached storage, in our case, specifically a non-stretched vSAN (currently 6.7.0-18010457)?
Previous answers generally included 'boot and nuke' style sanitization, and am wondering if this is still relevant on today's all flash vSANs, or of there is a better out-of-box solution for this.
what do you mean with sanitizing?
Sorry, I didn't use the word 'data' in front of sanitization - "the process of deliberately, permanently and irreversibly removing or destroying the data stored on a memory device to make it unrecoverable".
Just deleting a VM through vCenter is theoretically recoverable (at least for a time), so looking for current 'best practices' in the vSphere world for VM level data sanitization (as opposed to 'end of life / repurposing sanitization of a vSAN itself).
there's a secure wipe option, but this is intended for decommissioned disks etc:
https://blogs.vmware.com/virtualblocks/2020/10/12/vsan-a-secure-fortress-for-your-data/
Maybe doing encryption up front is the best method.
--Alan--
Yes, I was considering chatting vSAN encryption with our storage architect for possible implementation in the near future, but for now, I wonder if this is a question to pose to VMWare reps themselves (even if there isn't an answer, it's a question worth putting in their heads).