question

sakuraime avatar image
0 Votes"
sakuraime asked sakuraime commented

Azure sql database bring your own key encryption

I would like to encrypt the Azure sql database using uploading a customer key in to key vault.
89086-image.png


any detail procedures ?
And may I know if all Azure sql databases under the same Azure sql server must use the same key to encrypt ? Coz there are no options to choose .
89087-image.png


azure-sql-database
image.png (21.2 KiB)
image.png (17.4 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

NavtejSaini-MSFT avatar image
0 Votes"
NavtejSaini-MSFT answered sakuraime commented

@sakuraime

Please go through this document for details regarding BYOK Bring your own key details. Please check and let us know if you need any further help.

Regards
Navtej S


· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@sakuraime Please let us know if you have any other questions.

0 Votes 0 ·

I am a bit confuse.


For Azure sql managed instance , I will need to use
Add-AzSqlManagedInstanceTransparentDataEncryptionCertificate < to add the certificate (before migrating the TDE enabled database on prem).

so what's the purpose of creating a key at keyvault ?
91053-image.png


0 Votes 0 ·
image.png (44.3 KiB)