DROP COLUMN MASTER KEY (Transact-SQL)

Applies to: SQL Server 2016 (13.x) and later Azure SQL Database Azure SQL Managed Instance

Drops a column master key from a database. This is a metadata operation.

Transact-SQL syntax conventions

Syntax

DROP COLUMN MASTER KEY key_name;  

Arguments

key_name
The name of the column master key.

Remarks

The column master key can only be dropped if there are no column encryption key values encrypted with the column master key. To drop column encryption key values, use the DROP COLUMN ENCRYPTION KEY statement.

Permissions

Requires ALTER ANY COLUMN MASTER KEY permission on the database.

Examples

A. Dropping a column master key

The following example drops a column master key called MyCMK.

DROP COLUMN MASTER KEY MyCMK;  
GO  

See Also

CREATE COLUMN MASTER KEY (Transact-SQL)
CREATE COLUMN ENCRYPTION KEY (Transact-SQL)
DROP COLUMN ENCRYPTION KEY (Transact-SQL)
sys.column_master_keys (Transact-SQL)
Always Encrypted
Always Encrypted with secure enclaves
Overview of Key Management for Always Encrypted
Manage keys for Always Encrypted with secure enclaves