DROP COLUMN MASTER KEY (Transact-SQL)
Applies to: SQL Server 2016 (13.x) and later Azure SQL Database Azure SQL Managed Instance
Drops a column master key from a database. This is a metadata operation.
Transact-SQL syntax conventions
Syntax
DROP COLUMN MASTER KEY key_name;
Arguments
key_name
The name of the column master key.
Remarks
The column master key can only be dropped if there are no column encryption key values encrypted with the column master key. To drop column encryption key values, use the DROP COLUMN ENCRYPTION KEY statement.
Permissions
Requires ALTER ANY COLUMN MASTER KEY permission on the database.
Examples
A. Dropping a column master key
The following example drops a column master key called MyCMK
.
DROP COLUMN MASTER KEY MyCMK;
GO
See Also
CREATE COLUMN MASTER KEY (Transact-SQL)
CREATE COLUMN ENCRYPTION KEY (Transact-SQL)
DROP COLUMN ENCRYPTION KEY (Transact-SQL)
sys.column_master_keys (Transact-SQL)
Always Encrypted
Always Encrypted with secure enclaves
Overview of Key Management for Always Encrypted
Manage keys for Always Encrypted with secure enclaves