Set-​Azure​Rm​Sql​Server​Transparent​Data​Encryption​Protector

Sets the Transparent Data Encryption (TDE) protector for a SQL server.

Syntax

Set-AzureRmSqlServerTransparentDataEncryptionProtector
   [-ResourceGroupName] <String>
   [-ServerName] <String>
   [-Type] <EncryptionProtectorType>
   [[-KeyId] <String>]
   [-Confirm]
   [-WhatIf]
   [<CommonParameters>]

Description

The Set-AzureRmSqlServerTransparentDataEncryptionProtector cmdlet sets the TDE protector for a SQL server. Changing the TDE protector type will rotate the protector.

Examples

-------------------------- Example 1: Set the Transparent Data Encryption (TDE) protector type to ServiceManaged --------------------------

PS C:\> Set-AzureRmSqlServerTransparentDataEncryptionProtector -Type ServiceManaged -ServerName 'ContosoServer' -ResourceGroup 'ContosoResourceGroup'

This command updates a server's TDE protector type to Service Managed.

ResourceGroupName ServerName Type ServerKeyVaultKeyName


ContosoResourceGroup ContosoServer ServiceManaged ServiceManaged

-------------------------- Example 2: Set the Transparent Data Encryption protector type to Azure Key Vault --------------------------

PS C:\> Set-AzureRmSqlServerTransparentDataEncryptionProtector -Type AzureKeyVault -KeyId 'https://contoso.vault.azure.net/keys/contosokey/01234567890123456789012345678901' -ServerName 'ContosoServer' -ResourceGroup 'ContosoResourceGroup'

This command updates a server to use the Server Key Vault Key with Id 'https://contoso.vault.azure.net/keys/contosokey/01234567890123456789012345678901' as the TDE protector.

ResourceGroupName ServerName Type ServerKeyVaultKeyName


ContosoResourceGroup ContosoServer AzureKeyVault contoso_contosokey_01234567890123456789012345678901

Required Parameters

-ResourceGroupName

The name of the resource group

Type:String
Position:0
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-ServerName

The Azure Sql Server name.

Type:String
Position:1
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-Type

The Azure Sql Database TDE protector type.

Type:EncryptionProtectorType
Parameter Sets:AzureKeyVault, ServiceManaged
Position:2
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False

Optional Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:False
Accept pipeline input:False
Accept wildcard characters:False
-KeyId

The Azure Key Vault KeyId.

Type:String
Position:3
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

Microsoft.Azure.Commands.Sql.TransparentDataEncryption.Model.EncryptionProtectorType

System.String

Outputs

System.Object