Rediger

Del via


sys.column_encryption_key_values (Transact-SQL)

Applies to: SQL Server Azure SQL Database Azure SQL Managed Instance

Returns information about encrypted values of column encryption keys (CEKs) created with either the CREATE COLUMN ENCRYPTION KEY or the ALTER COLUMN ENCRYPTION KEY (Transact-SQL) statement. Each row represents a value of a CEK, encrypted with a column master key (CMK).

Column name Data type Description
column_encryption_key_id int ID of the CEK in the database.
column_master_key_id int ID of the column master key that was used to encrypt the CEK value.
encrypted_value varbinary(8000) CEK value encrypted with the CMK specified in column_master_key_id.
encryption_algorithm_name sysname Name of an algorithm used to encrypt the CEK value.

Name of the encryption algorithm used to encrypt the value. The algorithm for the system providers must be RSA_OAEP.

Permissions

Requires the VIEW ANY COLUMN ENCRYPTION KEY permission.

The visibility of the metadata in catalog views is limited to securables that a user either owns, or on which the user was granted some permission. For more information, see Metadata Visibility Configuration.

See Also

CREATE COLUMN ENCRYPTION KEY (Transact-SQL)
ALTER COLUMN ENCRYPTION KEY (Transact-SQL)
DROP COLUMN ENCRYPTION KEY (Transact-SQL)
CREATE COLUMN MASTER KEY (Transact-SQL)
Security Catalog Views (Transact-SQL)
sys.column_encryption_keys (Transact-SQL)
sys.column_master_keys (Transact-SQL)
sys.columns (Transact-SQL)
Always Encrypted
Always Encrypted with secure enclaves
Overview of Key Management for Always Encrypted
Manage keys for Always Encrypted with secure enclaves