sys.column_master_keys (Transact-SQL)sys.column_master_keys (Transact-SQL)

适用于:Applies to: 是SQL Server 2016 (13.x)SQL Server 2016 (13.x)yesSQL Server 2016 (13.x)SQL Server 2016 (13.x) 及更高版本 是Azure SQL 数据库Azure SQL DatabaseYesAzure SQL 数据库Azure SQL Database 是Azure SQL 托管实例Azure SQL Managed InstanceYesAzure SQL 托管实例Azure SQL Managed Instance适用于:Applies to: 是SQL Server 2016 (13.x)SQL Server 2016 (13.x)yesSQL Server 2016 (13.x)SQL Server 2016 (13.x) and later 是Azure SQL 数据库Azure SQL DatabaseYesAzure SQL 数据库Azure SQL Database 是Azure SQL 托管实例Azure SQL Managed InstanceYesAzure SQL 托管实例Azure SQL Managed Instance

为使用 CREATE MASTER key 语句添加的每个数据库主密钥返回一行。Returns a row for each database master key added by using the CREATE MASTER KEY statement. 每一行代表一个列主密钥 (CMK) 。Each row represents a single column master key (CMK).

列名称Column name 数据类型Data type 说明Description
namename sysnamesysname CMK 的名称。The name of the CMK.
column_master_key_idcolumn_master_key_id intint 列主密钥的 ID。ID of the column master key.
create_datecreate_date datetimedatetime 列主密钥的创建日期。Date the column master key was created.
modify_datemodify_date datetimedatetime 列主密钥的上次修改日期。Date the column master key was last modified.
key_store_provider_namekey_store_provider_name sysnamesysname 包含 CMK 的列主密钥存储的提供程序的名称。Name of the provider for the column master key store that contains the CMK. 允许值包括:Allowed values are:

MSSQL_CERTIFICATE_STORE-如果列主密钥存储是证书存储区,则为。MSSQL_CERTIFICATE_STORE - If the column master key store is a Certificate Store.

用户定义的值(如果列主密钥存储为自定义类型)。A user-defined value, if the column master key store is of a custom type.
key_pathkey_path nvarchar(4000)nvarchar(4000) 密钥的列主密钥存储特定路径。A column master key store-specific path of the key. 路径的格式取决于列主密钥存储类型。The format of the path depends on the column master key store type. 例如:Example:

'CurrentUser/Personal/'<thumbprint>

对于自定义列主密钥存储,开发人员负责为自定义列主密钥存储定义密钥路径。For a custom column master key store, the developer is responsible for defining what a key path is for the custom column master key store.
allow_enclave_computationsallow_enclave_computations bitbit 指示列主密钥是否已启用 enclave, (如果使用此主密钥加密的列加密密钥可用于服务器端安全 enclaves) 内的计算。Indicates if the column master key is enclave-enabled, (if column encryption keys, encrypted with this master key, can be used for computations inside server-side secure enclaves). 有关详细信息,请参阅具有安全 enclave 的 Always EncryptedFor more information, see Always Encrypted with secure enclaves.
签名signature varbinary(max)varbinary(max) Key_pathallow_enclave_computations(使用由 key_path 引用的列主密钥生成)的数字签名。A digital signature of key_path and allow_enclave_computations, produced using the column master key, referenced by key_path.

权限Permissions

需要 VIEW ANY COLUMN MASTER KEY 权限。Requires the VIEW ANY COLUMN MASTER KEY permission.

目录视图中仅显示用户拥有的安全对象的元数据,或用户对其拥有某些权限的安全对象的元数据。The visibility of the metadata in catalog views is limited to securables that a user either owns or on which the user has been granted some permission. 有关详细信息,请参阅 Metadata Visibility ConfigurationFor more information, see Metadata Visibility Configuration.

另请参阅See Also

CREATE COLUMN MASTER KEY (Transact-SQL) CREATE COLUMN MASTER KEY (Transact-SQL)
安全性目录视图 (Transact-SQL) Security Catalog Views (Transact-SQL)
sys.column_encryption_key_values (Transact-SQL)sys.column_encryption_key_values (Transact-SQL)
Always Encrypted Always Encrypted
Always Encrypted 密钥管理概述 Overview of Key Management for Always Encrypted
管理具有安全 enclave 的 Always Encrypted 的密钥Manage keys for Always Encrypted with secure enclaves