| title | titleSuffix | description | author | ms.author | ms.reviewer | ms.date | ms.service | ms.subservice | ms.topic | ms.custom | ms.devlang |
|---|---|---|---|---|---|---|---|---|---|---|---|
Use PowerShell to enable transparent data encryption |
Azure SQL Managed Instance |
Enable transparent data encryption in Azure SQL Managed Instance using PowerShell and your own key. |
MladjoA |
mlandzic |
vanto |
05/18/2022 |
sql-managed-instance |
security |
conceptual |
kr2b-contr-experiment, devx-track-azurepowershell |
powershell |
[!INCLUDEappliesto-sqldb]
This PowerShell script example configures transparent data encryption (TDE) in Azure SQL Managed Instance, using a customer-managed key from Azure Key Vault. This is often referred to as a bring-your-own-key (BYOK) scenario for TDE. To learn more, see Azure SQL Transparent Data Encryption with customer-managed key.
- An existing managed instance. See Use PowerShell to create a managed instance.
[!INCLUDE quickstarts-free-trial-note] [!INCLUDE updated-for-az] [!INCLUDE cloud-shell-try-it.md]
Using PowerShell locally or using Azure Cloud Shell requires Azure PowerShell 2.3.2 or a later version. If you need to upgrade, see Install Azure PowerShell module, or run the below sample script to install the module for the current user:
Install-Module -Name Az -AllowClobber -Scope CurrentUser
If you are running PowerShell locally, you also need to run Connect-AzAccount to create a connection with Azure.
[!code-powershell-interactivemain]
For more information on Azure PowerShell, see Azure PowerShell documentation.
Additional PowerShell script samples for SQL Managed Instance can be found in Azure SQL Managed Instance PowerShell scripts.