Configure and use Always Encrypted with secure enclaves
Applies to: 
Starting with SQL Server 2019 (15.x) - Windows only Azure SQL Database
Always Encrypted with secure enclaves extends the existing Always Encrypted feature to enable richer functionality on sensitive data while keeping the data confidential. This article lists common tasks for configuring and using the feature.
For tutorials that show you how to quickly get started with Always Encrypted with secure enclaves, see:
- Tutorial: Getting started with Always Encrypted with secure enclaves in SQL Server
- Tutorial: Getting started with Always Encrypted with secure enclaves in Azure SQL Database
Set up the secure enclave and attestation
Before you can use Always Encrypted with secure enclaves, you need to configure your environment to ensure the secure enclave is available for the database. You also need to set up enclave attestation.
The process for setting up your environment depends on whether you're using SQL Server 2019 (15.x) or Azure SQL Database.
Set up the secure enclave and attestation in SQL Server
For details, see the following articles:
- Plan for Host Guardian Service attestation
- Deploy the Host Guardian Service for SQL Server
- Register computer with the Host Guardian Service
- Configure the secure enclave in SQL Server
Set up the secure enclave and attestation in Azure SQL Database
For details, see the following articles:
- Plan for Intel SGX enclaves and attestation in Azure SQL Database
- Enable Intel SGX for your Azure SQL Database
- Configure Azure Attestation for your Azure SQL Database logical server
Manage keys for Always Encrypted with secure enclaves
See the following articles for details:
- Manage keys for Always Encrypted with secure enclaves - overview
- Provision enclave-enabled keys
- Rotate enclave-enabled keys
Configure columns with Always Encrypted with secure enclaves
See the following articles for details:
- Configure column encryption in-place using Always Encrypted with secure enclaves - overview
- Configure column encryption in-place with Transact-SQL
- Enable Always Encrypted with secure enclaves for existing encrypted columns
Run Transact-SQL statements using secure enclaves
See the following articles for details:
- Run Transact-SQL statements using secure enclaves
- Troubleshoot common issues for Always Encrypted with secure enclaves
Create and use indexes on enclave-enabled columns
See the following articles for details:
Develop applications using Always Encrypted with secure enclaves
See the following articles for details:
Tilbakemeldinger
Send inn og vis tilbakemelding for