Skip to content

sys-column-master-keys-transact-sql.md

Latest commit

 

History

History
61 lines (51 loc) · 3.96 KB

sys-column-master-keys-transact-sql.md

File metadata and controls

61 lines (51 loc) · 3.96 KB
title sys.column_master_keys (Transact-SQL) | Microsoft Docs
ms.custom
ms.date 10/15/2019
ms.prod sql
ms.prod_service database-engine, sql-database
ms.reviewer
ms.technology system-objects
ms.topic language-reference
f1_keywords
column_master_key_definitions_TSQL
column_master_key_definitions
sys.column_master_key_definitions_TSQL
sys.column_master_key_definitions
column_master_keys_TSQL
column_master_keys
sys.column_master_keys_TSQL
sys.column_master_keys
dev_langs
TSQL
helpviewer_keywords
sys.column_master_key_definitions catalog view
sys.column_master_keys catalog view
ms.assetid fbec2efa-5fe9-4121-9b34-60497b0b2aca
author jaszymas
ms.author jaszymas
monikerRange =azuresqldb-current||>=sql-server-2016||=sqlallproducts-allversions||>=sql-server-linux-2017||=azuresqldb-mi-current

sys.column_master_keys (Transact-SQL)

[!INCLUDEtsql-appliesto-ss2016-asdb-xxxx-xxx-md]

Returns a row for each database master key added by using the CREATE MASTER KEY statement. Each row represents a single column master key (CMK).

Column name Data type Description
name sysname The name of the CMK.
column_master_key_id int ID of the column master key.
create_date datetime Date the column master key was created.
modify_date datetime Date the column master key was last modified.
key_store_provider_name sysname Name of the provider for the column master key store that contains the CMK. Allowed values are:

MSSQL_CERTIFICATE_STORE - If the column master key store is a Certificate Store.

A user-defined value, if the column master key store is of a custom type.
key_path nvarchar(4000) A column master key store-specific path of the key. The format of the path depends on the column master key store type. Example:

'CurrentUser/Personal/'<thumbprint>

For a custom column master key store, the developer is responsible for defining what a key path is for the custom column master key store.
allow_enclave_computations bit Indicates if the column master key is enclave-enabled, (if column encryption keys, encrypted with this master key, can be used for computations inside server-side secure enclaves). For more information, see Always Encrypted with secure enclaves.
signature varbinary(max) A digital signature of key_path and allow_enclave_computations, produced using the column master key, referenced by key_path.

Permissions

Requires the VIEW ANY COLUMN MASTER KEY permission.

[!INCLUDEssCatViewPerm] For more information, see Metadata Visibility Configuration.

See Also

CREATE COLUMN MASTER KEY (Transact-SQL)
Security Catalog Views (Transact-SQL)
sys.column_encryption_key_values (Transact-SQL)
Always Encrypted
Overview of Key Management for Always Encrypted
Manage keys for Always Encrypted with secure enclaves