Manage DEK keys (use with TDE) outside a Linux SQL Server (encryption decryption)

Dylan Lucas Meierhofer 1 Reputation point
2022-12-08T07:31:27.16+00:00

Hello Everyone

I have a request regarding the management of encryption keys used on a linux SQL server (running on Azure Kubernetes services).

The SQL Server Linux documentation states that SQL Server for Linux does not support EKM (external DEK management for TDE encryption for example).
However, on this EKM doc, all SQL Server versions support EKM https://learn.microsoft.com/en-us/sql/relational-databases/security/encryption/extensible-key-management-ekm?view=sql-server-linux-ver15

Is it possible to use Linux SQL Server (in a Kubernetes container/pod), enable TDE encryption, and to manage the TDE key outside of it? For example, in an EKM ?
The goal is to encrypt and decrypt the DEK key outside the SQL server.

Do you know of an alternative ?

Thanks in advance.

Dylan

Not Monitored
Not Monitored
Tag not monitored by Microsoft.
41,480 questions
0 comments No comments
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.