| title | sys.column_master_keys (Transact-SQL) | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| description | sys.column_master_keys (Transact-SQL) | ||||||||
| author | jaszymas | ||||||||
| ms.author | jaszymas | ||||||||
| ms.date | 10/15/2019 | ||||||||
| ms.service | sql | ||||||||
| ms.subservice | system-objects | ||||||||
| ms.topic | reference | ||||||||
| f1_keywords |
|
||||||||
| helpviewer_keywords |
|
||||||||
| dev_langs |
|
||||||||
| monikerRange | =azuresqldb-current||>=sql-server-2016||>=sql-server-linux-2017||=azuresqldb-mi-current |
[!INCLUDE sqlserver2016-asdb-asdbmi]
Returns a row for each database master key added by using the CREATE MASTER KEY statement. Each row represents a single column master key (CMK).
| Column name | Data type | Description |
|---|---|---|
| name | sysname | The name of the CMK. |
| column_master_key_id | int | ID of the column master key. |
| create_date | datetime | Date the column master key was created. |
| modify_date | datetime | Date the column master key was last modified. |
| key_store_provider_name | sysname | Name of the provider for the column master key store that contains the CMK. Allowed values are: MSSQL_CERTIFICATE_STORE - If the column master key store is a Certificate Store. A user-defined value, if the column master key store is of a custom type. |
| key_path | nvarchar(4000) | A column master key store-specific path of the key. The format of the path depends on the column master key store type. Example:'CurrentUser/Personal/'<thumbprint>For a custom column master key store, the developer is responsible for defining what a key path is for the custom column master key store. |
| allow_enclave_computations | bit | Indicates if the column master key is enclave-enabled, (if column encryption keys, encrypted with this master key, can be used for computations inside server-side secure enclaves). For more information, see Always Encrypted with secure enclaves. |
| signature | varbinary(max) | A digital signature of key_path and allow_enclave_computations, produced using the column master key, referenced by key_path. |
Requires the VIEW ANY COLUMN MASTER KEY permission.
[!INCLUDEssCatViewPerm] For more information, see Metadata Visibility Configuration.
CREATE COLUMN MASTER KEY (Transact-SQL)
Security Catalog Views (Transact-SQL)
sys.column_encryption_key_values (Transact-SQL)
Always Encrypted
Overview of Key Management for Always Encrypted
Manage keys for Always Encrypted with secure enclaves