Set-AzSqlServerTransparentDataEncryptionProtector

Reference

Module:: Az.Sql

Sets the Transparent Data Encryption (TDE) protector for a SQL server.

Syntax

Set-AzSqlServerTransparentDataEncryptionProtector
   [-Type] <EncryptionProtectorType>
   [[-KeyId] <String>]
   [-AutoRotationEnabled <Boolean>]
   [-Force]
   [-AsJob]
   [-ServerName] <String>
   [-ResourceGroupName] <String>
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The Set-AzSqlServerTransparentDataEncryptionProtector cmdlet sets the TDE protector for a SQL server. Changing the TDE protector type will rotate the protector.

Examples

Example 1: Set the Transparent Data Encryption (TDE) protector type to ServiceManaged

Set-AzSqlServerTransparentDataEncryptionProtector -Type ServiceManaged -ServerName 'ContosoServer' -ResourceGroupName 'ContosoResourceGroup'

ResourceGroupName    ServerName                   Type ServerKeyVaultKeyName
-----------------    ----------                   ---- ---------------------
ContosoResourceGroup ContosoServer      ServiceManaged ServiceManaged

This command updates a server's TDE protector type to Service Managed.

Example 2: Set the Transparent Data Encryption protector type to Azure Key Vault

Set-AzSqlServerTransparentDataEncryptionProtector -Type AzureKeyVault -KeyId 'https://contoso.vault.azure.net/keys/contosokey/01234567890123456789012345678901' -ServerName 'ContosoServer' -ResourceGroupName 'ContosoResourceGroup'

ResourceGroupName    ServerName                   Type ServerKeyVaultKeyName
-----------------    ----------                   ---- ---------------------
ContosoResourceGroup ContosoServer       AzureKeyVault contoso_contosokey_01234567890123456789012345678901

This command updates a server to use the Server Key Vault Key with Id 'https://contoso.vault.azure.net/keys/contosokey/01234567890123456789012345678901' as the TDE protector.

Example 3

Sets the Transparent Data Encryption (TDE) protector for a SQL server. (autogenerated)

Set-AzSqlServerTransparentDataEncryptionProtector -AutoRotationEnabled $false -KeyId 'https://contoso.vault.azure.net/keys/contosokey/0000000000000000000000000000000000000' -ResourceGroupName 'ContosoResourceGroup' -ServerName 'ContosoServer' -Type AzureKeyVault

Parameters

-AsJob

Run cmdlet in the background

Type:	SwitchParameter
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-AutoRotationEnabled

The key auto rotation opt-in status.

Type:	Nullable<T>[Boolean]
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:	SwitchParameter
Aliases:	cf
Position:	Named
Default value:	False
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure

Type:	IAzureContextContainer
Aliases:	AzContext, AzureRmContext, AzureCredential
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-Force

Skip confirmation message for performing the action

Type:	SwitchParameter
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-KeyId

The Azure Key Vault KeyId.

Type:	String
Position:	3
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-ResourceGroupName

The name of the resource group

Type:	String
Position:	0
Default value:	None
Required:	True
Accept pipeline input:	True
Accept wildcard characters:	False

-ServerName

The Azure Sql Server name.

Type:	String
Position:	1
Default value:	None
Required:	True
Accept pipeline input:	True
Accept wildcard characters:	False

-Type

The Azure Sql Database TDE protector type.

Type:	EncryptionProtectorType
Accepted values:	AzureKeyVault, ServiceManaged
Position:	2
Default value:	None
Required:	True
Accept pipeline input:	True
Accept wildcard characters:	False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:	SwitchParameter
Aliases:	wi
Position:	Named
Default value:	False
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

Inputs

EncryptionProtectorType

String

Outputs

AzureSqlServerTransparentDataEncryptionProtectorModel

SQL Database Documentation

Compartilhar via

Set-AzSqlServerTransparentDataEncryptionProtector

Syntax

Description

Examples

Example 1: Set the Transparent Data Encryption (TDE) protector type to ServiceManaged

Example 2: Set the Transparent Data Encryption protector type to Azure Key Vault

Example 3

Parameters

-AsJob

-AutoRotationEnabled

-Confirm

-DefaultProfile

-Force

-KeyId

-ResourceGroupName

-ServerName

-Type

-WhatIf

Inputs

Outputs

Recursos adicionais

Compartilhar via

Set-AzSqlServerTransparentDataEncryptionProtector

Syntax

Description

Examples

Example 1: Set the Transparent Data Encryption (TDE) protector type to ServiceManaged

Example 2: Set the Transparent Data Encryption protector type to Azure Key Vault

Example 3

Parameters

-AsJob

-AutoRotationEnabled

-Confirm

-DefaultProfile

-Force

-KeyId

-ResourceGroupName

-ServerName

-Type

-WhatIf

Inputs

Outputs

Related Links

Recursos adicionais