Aktualisiert eine vorhandene Verschlüsselungsschutzkomponente.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/encryptionProtector/current?api-version=2025-01-01
URI-Parameter
| Name |
In |
Erforderlich |
Typ |
Beschreibung |
|
encryptionProtectorName
|
path |
True
|
EncryptionProtectorName
|
Der Name der abzurufenden Verschlüsselungsschutzkomponente.
|
|
resourceGroupName
|
path |
True
|
string
minLength: 1
maxLength: 90
|
Der Name der Ressourcengruppe. Bei dem Namen wird die Groß-/Kleinschreibung nicht beachtet.
|
|
serverName
|
path |
True
|
string
|
Name des Servers
|
|
subscriptionId
|
path |
True
|
string
(uuid)
|
Die ID des Zielabonnements. Der Wert muss eine UUID sein.
|
|
api-version
|
query |
True
|
string
minLength: 1
|
Die API-Version, die für diesen Vorgang verwendet werden soll.
|
Anforderungstext
| Name |
Erforderlich |
Typ |
Beschreibung |
|
properties.serverKeyType
|
True
|
ServerKeyType
|
Der Verschlüsselungsschutztyp wie "ServiceManaged", "AzureKeyVault".
|
|
properties.autoRotationEnabled
|
|
boolean
|
Kennzeichen für die automatische Drehung der Schlüsseldrehung. Entweder wahr oder falsch.
|
|
properties.serverKeyName
|
|
string
|
Der Name des Serverschlüssels.
|
Antworten
| Name |
Typ |
Beschreibung |
|
200 OK
|
EncryptionProtector
|
Die Aktualisierung der Ressource 'EncryptionProtector' war erfolgreich
|
|
202 Accepted
|
|
Ressourcenvorgang akzeptiert.
Header
- Location: string
- Retry-After: integer
|
|
Other Status Codes
|
ErrorResponse
|
Unerwartete Fehlerantwort.
|
Sicherheit
azure_auth
Azure Active Directory OAuth2 Flow.
Typ:
oauth2
Ablauf:
implicit
Autorisierungs-URL:
https://login.microsoftonline.com/common/oauth2/authorize
Bereiche
| Name |
Beschreibung |
|
user_impersonation
|
Identitätswechsel ihres Benutzerkontos
|
Beispiele
Update the encryption protector to key vault
Beispielanforderung
PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-7398/providers/Microsoft.Sql/servers/sqlcrudtest-4645/encryptionProtector/current?api-version=2025-01-01
{
"properties": {
"autoRotationEnabled": false,
"serverKeyName": "someVault_someKey_01234567890123456789012345678901",
"serverKeyType": "AzureKeyVault"
}
}
from azure.identity import DefaultAzureCredential
from azure.mgmt.sql import SqlManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-sql
# USAGE
python encryption_protector_create_or_update_key_vault.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = SqlManagementClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.encryption_protectors.begin_create_or_update(
resource_group_name="sqlcrudtest-7398",
server_name="sqlcrudtest-4645",
encryption_protector_name="current",
parameters={
"properties": {
"autoRotationEnabled": False,
"serverKeyName": "someVault_someKey_01234567890123456789012345678901",
"serverKeyType": "AzureKeyVault",
}
},
).result()
print(response)
# x-ms-original-file: 2025-01-01/EncryptionProtectorCreateOrUpdateKeyVault.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Sql.Models;
using Azure.ResourceManager.Sql;
// Generated from example definition: specification/sql/resource-manager/Microsoft.Sql/SQL/stable/2025-01-01/examples/EncryptionProtectorCreateOrUpdateKeyVault.json
// this example is just showing the usage of "EncryptionProtectors_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this SqlServerResource created on azure
// for more information of creating SqlServerResource, please refer to the document of SqlServerResource
string subscriptionId = "00000000-1111-2222-3333-444444444444";
string resourceGroupName = "sqlcrudtest-7398";
string serverName = "sqlcrudtest-4645";
ResourceIdentifier sqlServerResourceId = SqlServerResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, serverName);
SqlServerResource sqlServer = client.GetSqlServerResource(sqlServerResourceId);
// get the collection of this EncryptionProtectorResource
EncryptionProtectorCollection collection = sqlServer.GetEncryptionProtectors();
// invoke the operation
EncryptionProtectorName encryptionProtectorName = EncryptionProtectorName.Current;
EncryptionProtectorData data = new EncryptionProtectorData
{
ServerKeyName = "someVault_someKey_01234567890123456789012345678901",
ServerKeyType = SqlServerKeyType.AzureKeyVault,
IsAutoRotationEnabled = false,
};
ArmOperation<EncryptionProtectorResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, encryptionProtectorName, data);
EncryptionProtectorResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
EncryptionProtectorData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Beispiel für eine Antwort
{
"name": "current",
"type": "Microsoft.Sql/servers/encryptionProtector",
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-7398/providers/Microsoft.Sql/servers/sqlcrudtest-4645/encryptionProtector/current",
"kind": "azurekeyvault",
"location": "West US",
"properties": {
"autoRotationEnabled": false,
"serverKeyName": "someVault_someKey_01234567890123456789012345678901",
"serverKeyType": "AzureKeyVault"
}
}
Update the encryption protector to key vault with versionless key
Beispielanforderung
PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-7398/providers/Microsoft.Sql/servers/sqlcrudtest-4645/encryptionProtector/current?api-version=2025-01-01
{
"properties": {
"autoRotationEnabled": false,
"serverKeyName": "someVault_someKey",
"serverKeyType": "AzureKeyVault"
}
}
from azure.identity import DefaultAzureCredential
from azure.mgmt.sql import SqlManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-sql
# USAGE
python encryption_protector_create_or_update_key_vault_with_versionless_key.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = SqlManagementClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.encryption_protectors.begin_create_or_update(
resource_group_name="sqlcrudtest-7398",
server_name="sqlcrudtest-4645",
encryption_protector_name="current",
parameters={
"properties": {
"autoRotationEnabled": False,
"serverKeyName": "someVault_someKey",
"serverKeyType": "AzureKeyVault",
}
},
).result()
print(response)
# x-ms-original-file: 2025-01-01/EncryptionProtectorCreateOrUpdateKeyVaultWithVersionlessKey.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Sql.Models;
using Azure.ResourceManager.Sql;
// Generated from example definition: specification/sql/resource-manager/Microsoft.Sql/SQL/stable/2025-01-01/examples/EncryptionProtectorCreateOrUpdateKeyVaultWithVersionlessKey.json
// this example is just showing the usage of "EncryptionProtectors_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this SqlServerResource created on azure
// for more information of creating SqlServerResource, please refer to the document of SqlServerResource
string subscriptionId = "00000000-1111-2222-3333-444444444444";
string resourceGroupName = "sqlcrudtest-7398";
string serverName = "sqlcrudtest-4645";
ResourceIdentifier sqlServerResourceId = SqlServerResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, serverName);
SqlServerResource sqlServer = client.GetSqlServerResource(sqlServerResourceId);
// get the collection of this EncryptionProtectorResource
EncryptionProtectorCollection collection = sqlServer.GetEncryptionProtectors();
// invoke the operation
EncryptionProtectorName encryptionProtectorName = EncryptionProtectorName.Current;
EncryptionProtectorData data = new EncryptionProtectorData
{
ServerKeyName = "someVault_someKey",
ServerKeyType = SqlServerKeyType.AzureKeyVault,
IsAutoRotationEnabled = false,
};
ArmOperation<EncryptionProtectorResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, encryptionProtectorName, data);
EncryptionProtectorResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
EncryptionProtectorData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Beispiel für eine Antwort
{
"name": "current",
"type": "Microsoft.Sql/servers/encryptionProtector",
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-7398/providers/Microsoft.Sql/servers/sqlcrudtest-4645/encryptionProtector/current",
"kind": "azurekeyvault",
"location": "West US",
"properties": {
"autoRotationEnabled": false,
"keyVersion": "01234567890123456789012345678901",
"serverKeyName": "someVault_someKey",
"serverKeyType": "AzureKeyVault"
}
}
Update the encryption protector to service managed
Beispielanforderung
PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-7398/providers/Microsoft.Sql/servers/sqlcrudtest-4645/encryptionProtector/current?api-version=2025-01-01
{
"properties": {
"serverKeyName": "ServiceManaged",
"serverKeyType": "ServiceManaged"
}
}
from azure.identity import DefaultAzureCredential
from azure.mgmt.sql import SqlManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-sql
# USAGE
python encryption_protector_create_or_update_service_managed.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = SqlManagementClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.encryption_protectors.begin_create_or_update(
resource_group_name="sqlcrudtest-7398",
server_name="sqlcrudtest-4645",
encryption_protector_name="current",
parameters={"properties": {"serverKeyName": "ServiceManaged", "serverKeyType": "ServiceManaged"}},
).result()
print(response)
# x-ms-original-file: 2025-01-01/EncryptionProtectorCreateOrUpdateServiceManaged.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Sql.Models;
using Azure.ResourceManager.Sql;
// Generated from example definition: specification/sql/resource-manager/Microsoft.Sql/SQL/stable/2025-01-01/examples/EncryptionProtectorCreateOrUpdateServiceManaged.json
// this example is just showing the usage of "EncryptionProtectors_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this SqlServerResource created on azure
// for more information of creating SqlServerResource, please refer to the document of SqlServerResource
string subscriptionId = "00000000-1111-2222-3333-444444444444";
string resourceGroupName = "sqlcrudtest-7398";
string serverName = "sqlcrudtest-4645";
ResourceIdentifier sqlServerResourceId = SqlServerResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, serverName);
SqlServerResource sqlServer = client.GetSqlServerResource(sqlServerResourceId);
// get the collection of this EncryptionProtectorResource
EncryptionProtectorCollection collection = sqlServer.GetEncryptionProtectors();
// invoke the operation
EncryptionProtectorName encryptionProtectorName = EncryptionProtectorName.Current;
EncryptionProtectorData data = new EncryptionProtectorData
{
ServerKeyName = "ServiceManaged",
ServerKeyType = SqlServerKeyType.ServiceManaged,
};
ArmOperation<EncryptionProtectorResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, encryptionProtectorName, data);
EncryptionProtectorResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
EncryptionProtectorData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Beispiel für eine Antwort
{
"name": "current",
"type": "Microsoft.Sql/servers/encryptionProtector",
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-7398/providers/Microsoft.Sql/servers/sqlcrudtest-4645/encryptionProtector/current",
"kind": "servicemanaged",
"location": "West US",
"properties": {
"serverKeyName": "ServiceManaged",
"serverKeyType": "ServiceManaged"
}
}
Definitionen
createdByType
Enumeration
Der Identitätstyp, der die Ressource erstellt hat.
| Wert |
Beschreibung |
|
User
|
|
|
Application
|
|
|
ManagedIdentity
|
|
|
Key
|
|
EncryptionProtector
Objekt
Der Serververschlüsselungsschutz.
| Name |
Typ |
Beschreibung |
|
id
|
string
(arm-id)
|
Vollqualifizierte Ressourcen-ID für die Ressource. Z. B. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
|
|
kind
|
string
|
Art der Verschlüsselungsschutzkomponente. Dies sind Metadaten, die für das Azure-Portal-Erlebnis verwendet werden.
|
|
location
|
string
|
Ressourcenspeicherort.
|
|
name
|
string
|
Der Name der Ressource
|
|
properties.autoRotationEnabled
|
boolean
|
Kennzeichen für die automatische Drehung der Schlüsseldrehung. Entweder wahr oder falsch.
|
|
properties.keyVersion
|
string
|
Die Version des Serverschlüssels, der als Verschlüsselungsschutz verwendet wird
|
|
properties.serverKeyName
|
string
|
Der Name des Serverschlüssels.
|
|
properties.serverKeyType
|
ServerKeyType
|
Der Verschlüsselungsschutztyp wie "ServiceManaged", "AzureKeyVault".
|
|
properties.subregion
|
string
|
Unterbereich der Verschlüsselungsschutzkomponente.
|
|
properties.thumbprint
|
string
|
Fingerabdruck des Serverschlüssels.
|
|
properties.uri
|
string
|
Der URI des Serverschlüssels.
|
|
systemData
|
systemData
|
Azure Resource Manager-Metadaten, die createdBy und modifiedBy-Informationen enthalten.
|
|
type
|
string
|
Der Typ der Ressource. Zum Beispiel "Microsoft. Compute/virtualMachines" oder "Microsoft. Speicher/Speicherkonten"
|
EncryptionProtectorName
Enumeration
Der Name der abzurufenden Verschlüsselungsschutzkomponente.
| Wert |
Beschreibung |
|
current
|
Strom
|
ErrorAdditionalInfo
Objekt
Der Ressourcenverwaltungsfehler zusätzliche Informationen.
| Name |
Typ |
Beschreibung |
|
info
|
object
|
Die zusätzlichen Informationen.
|
|
type
|
string
|
Der zusätzliche Informationstyp.
|
ErrorDetail
Objekt
Das Fehlerdetails.
| Name |
Typ |
Beschreibung |
|
additionalInfo
|
ErrorAdditionalInfo[]
|
Die zusätzlichen Informationen des Fehlers.
|
|
code
|
string
|
Der Fehlercode.
|
|
details
|
ErrorDetail[]
|
Die Fehlerdetails.
|
|
message
|
string
|
Die Fehlermeldung.
|
|
target
|
string
|
Das Fehlerziel.
|
ErrorResponse
Objekt
Fehlerantwort
| Name |
Typ |
Beschreibung |
|
error
|
ErrorDetail
|
Das Fehlerobjekt.
|
ServerKeyType
Enumeration
Der Verschlüsselungsschutztyp wie "ServiceManaged", "AzureKeyVault".
| Wert |
Beschreibung |
|
ServiceManaged
|
ServiceManaged
|
|
AzureKeyVault
|
AzureKeyVault
|
systemData
Objekt
Metadaten zur Erstellung und letzten Änderung der Ressource.
| Name |
Typ |
Beschreibung |
|
createdAt
|
string
(date-time)
|
Der Zeitstempel der Ressourcenerstellung (UTC).
|
|
createdBy
|
string
|
Die Identität, die die Ressource erstellt hat.
|
|
createdByType
|
createdByType
|
Der Identitätstyp, der die Ressource erstellt hat.
|
|
lastModifiedAt
|
string
(date-time)
|
Der Zeitstempel der letzten Änderung der Ressource (UTC)
|
|
lastModifiedBy
|
string
|
Die Identität, die die Ressource zuletzt geändert hat.
|
|
lastModifiedByType
|
createdByType
|
Der Identitätstyp, der die Ressource zuletzt geändert hat.
|