New-SqlColumnEncryptionSettings

Creates a SqlColumnEncryptionSettings object that encapsulates information about a single column's encryption, including CEK and encryption type.

Syntax

New-SqlColumnEncryptionSettings
   [-ColumnName] <String>
   [-EncryptionType] <String>
   [[-EncryptionKey] <String>]
   [<CommonParameters>]

Description

The New-SqlColumnEncryptionSettings cmdlet creates a SqlColumnEncryptionSettings object. The SqlColumnEncryptionSettings object encapsulates information about the Always Encrypted settings for a single database columns, including the encryption type and the column encryption key.

Module requirements: version 21+ on PowerShell 5.1; version 22+ on PowerShell 7.x.

Examples

Example 1: Create an encrypted SqlColumnEncryptionSettings object for a column

PS C:\> $EncryptionSettings = New-SqlColumnEncryptionSettings dbo.Person.LastName "Deterministic" MyCEK

This command creates a SqlColumnEncryptionSettings object for the column named dbo.Person.LastName, specifying the deterministic encryption and column encryption key named MyCEK for the column. The command stores the result in the variable named $EncryptionSettings.

Example 2: Create an unencrypted SqlColumnEncryptionSettings object for a column

PS C:\> $EncryptionSettings = New-SqlColumnEncryptionSettings dbo.Person.FirstName "Plaintext"

This command creates a SqlColumnEncryptionSettings object for the dbo.Person.FirstName column, specifying the column is not encrypted. The command stores the result in the variable named $EncryptionSettings.

Parameters

-ColumnName

Specifies the name of the database column that uses the following format: [<schemaName>.]<tableName>.<columnName>.

Type:String
Position:0
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-EncryptionKey

Specifies the name of the column encryption key object. This argument is not allowed if the EncryptionType parameter value is set to Plaintext.

Type:String
Position:2
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EncryptionType

Specifies the type of encryption. The acceptable values for this parameter are:

  • Deterministic, for deterministic encryption
  • Randomized, for randomized encryption
  • Plaintext, indicating that the column is not encrypted.
Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

Outputs

SqlColumnEncryptionSettings