DROP ASYMMETRIC KEY (Transact-SQL)

Applies to: SQL Server Azure SQL Database Azure SQL Managed Instance Azure Synapse Analytics

Removes an asymmetric key from the database.

Transact-SQL syntax conventions

Note

This syntax is not supported by serverless SQL pool in Azure Synapse Analytics.

Syntax

DROP ASYMMETRIC KEY key_name [ REMOVE PROVIDER KEY ]  

Note

To view Transact-SQL syntax for SQL Server 2014 (12.x) and earlier versions, see Previous versions documentation.

Arguments

key_name
Is the name of the asymmetric key to be dropped from the database.

REMOVE PROVIDER KEY
Removes an Extensible Key Management (EKM) key from an EKM device. For more information about Extensible Key Management, see Extensible Key Management (EKM).

Remarks

An asymmetric key with which a symmetric key in the database has been encrypted, or to which a user or login is mapped, cannot be dropped. Before you drop such a key, you must drop any user or login that is mapped to the key. You must also drop or change any symmetric key encrypted with the asymmetric key. You can use the DROP ENCRYPTION option of ALTER SYMMETRIC KEY to remove encryption by an asymmetric key.

Metadata of asymmetric keys can be accessed by using the sys.asymmetric_keys catalog view. The keys themselves cannot be directly viewed from inside the database.

If the asymmetric key is mapped to an Extensible Key Management (EKM) key on an EKM device and the REMOVE PROVIDER KEY option is not specified, the key will be dropped from the database but not the device. A warning will be issued.

Permissions

Requires CONTROL permission on the asymmetric key.

Examples

The following example removes the asymmetric key MirandaXAsymKey6 from the AdventureWorks2022 database.

USE AdventureWorks2022;  
DROP ASYMMETRIC KEY MirandaXAsymKey6;  

See Also

CREATE ASYMMETRIC KEY (Transact-SQL)
ALTER ASYMMETRIC KEY (Transact-SQL)
Encryption Hierarchy
ALTER SYMMETRIC KEY (Transact-SQL)