DROP ASYMMETRIC KEY (Transact-SQL)

Applies to: yesSQL Server (all supported versions) YesAzure SQL Database YesAzure SQL Managed Instance yesAzure Synapse Analytics

Removes an asymmetric key from the database.

Topic link icon Transact-SQL Syntax Conventions

Note

This syntax is not supported by serverless SQL pool in Azure Synapse Analytics.

Syntax

DROP ASYMMETRIC KEY key_name [ REMOVE PROVIDER KEY ]  

Note

To view Transact-SQL syntax for SQL Server 2014 and earlier, see Previous versions documentation.

Arguments

key_name
Is the name of the asymmetric key to be dropped from the database.

REMOVE PROVIDER KEY
Removes an Extensible Key Management (EKM) key from an EKM device. For more information about Extensible Key Management, see Extensible Key Management (EKM).

Remarks

An asymmetric key with which a symmetric key in the database has been encrypted, or to which a user or login is mapped, cannot be dropped. Before you drop such a key, you must drop any user or login that is mapped to the key. You must also drop or change any symmetric key encrypted with the asymmetric key. You can use the DROP ENCRYPTION option of ALTER SYMMETRIC KEY to remove encryption by an asymmetric key.

Metadata of asymmetric keys can be accessed by using the sys.asymmetric_keys catalog view. The keys themselves cannot be directly viewed from inside the database.

If the asymmetric key is mapped to an Extensible Key Management (EKM) key on an EKM device and the REMOVE PROVIDER KEY option is not specified, the key will be dropped from the database but not the device. A warning will be issued.

Permissions

Requires CONTROL permission on the asymmetric key.

Examples

The following example removes the asymmetric key MirandaXAsymKey6 from the AdventureWorks2012 database.

USE AdventureWorks2012;  
DROP ASYMMETRIC KEY MirandaXAsymKey6;  

See Also

CREATE ASYMMETRIC KEY (Transact-SQL)
ALTER ASYMMETRIC KEY (Transact-SQL)
Encryption Hierarchy
ALTER SYMMETRIC KEY (Transact-SQL)