VOOZH

URL: https://learn.microsoft.com/en-us/sql/relational-databases/security/encryption/always-encrypted-enclaves-manage-keys?view=sql-server-ver17

⇱ Manage keys for Always Encrypted with secure enclaves - SQL Server | Microsoft Learn

Note

Access to this page requires authorization. You can try signing in or .

Access to this page requires authorization. You can try .

Manage keys for Always Encrypted with secure enclaves

Applies to: 👁 Image
SQL Server 2019 (15.x) and later versions on Windows 👁 Image
Azure SQL Database

Always Encrypted with secure enclaves extends key management for Always Encrypted by introducing enclave-enabled keys:

Enclave-enabled column master key - a column master key that is created with the ENCLAVE_COMPUTATIONS property specified in the column master key metadata object inside the database.
Enclave-enabled column encryption key - a column encryption key that is encrypted with an enclave-enabled column master key. Only enclave-enabled column encryption keys can be used for computations inside a server-side secure enclave.

The general guidelines and processes for managing Always Encrypted keys apply to managing enclave-enabled keys.

Managing keys

The following articles discuss the aspects specific to managing enclave-enabled keys.

Next steps

Provision enclave-enabled keys

See also

Feedback

Was this page helpful?

Additional resources

Last updated on