April 4, 2018 at 11:33 am
Hi Experts,
Need some powershell help. Below code, adds a "Key" to azure key vault. need help in embedding logic , if the key "CMKAuto1" aldready exists then drop and re-create the key.
This key is used in Always encryption master key.
Login-AzureRmAccount
$SubscriptionId = "hjsks13933-6df3-4da0-af08-ewwew9c749fb"
$resourceGroup = "myRSGroup"
$azureLocation = "Central US"
$akvName = "MySecuredKV"
$akvKeyName = "CMKAuto1"
$azureCtx = Set-AzureRMConteXt -SubscriptionId $SubscriptionId # Sets the context for the below cmdlets to the specified subscription.
$akvKey = Add-AzureKeyVaultKey -VaultName $akvName -Name $akvKeyName -Destination "Software" #creating the key in Azure Key Vault
Set-AzureRmKeyVaultAccessPolicy -VaultName $akvName -ResourceGroupName $resourceGroup -PermissionsToKeys get, create, delete, list, update, import, backup, restore, wrapKey,unwrapKey, sign, verify -UserPrincipalName $azureCtx.Account
similarly i want to change the logic for creating the Column encruption key and columns master key.. If they exists , go ahead and drop it and re-create the keys.
Existing code
=================
# Create a column master key metadata in the database.
$cmkName = "CMK_Auto1"
New-SqlColumnMasterKey -Name $cmkName -InputObject $database -ColumnMasterKeySettings $cmkSettings
# Create a column encryption key
$cekName = "CEK_Auto1"
New-SqlColumnEncryptionKey -Name $cekName -InputObject $database -ColumnMasterKey $cmkName
Thanks,
Sam
Viewing 0 posts
You must be logged in to reply to this topic. Login to reply