New-DbaDbAsymmetricKey

Want to see the source code for this command? Check out New-DbaDbAsymmetricKey on GitHub.
Want to see the Bill Of Health for this command? Check out New-DbaDbAsymmetricKey.

Synopsis

Creates a new database asymmetric key

Description

Creates a new database asymmetric key. If no database is specified, the asymmetric key will be created in master.

Syntax

New-DbaDbAsymmetricKey
    [[-SqlInstance] <DbaInstanceParameter[]>]
    [[-SqlCredential] <PSCredential>]
    [[-Name] <String[]>]
    [[-Database] <String[]>]
    [[-SecurePassword] <SecureString>]
    [[-Owner] <String>]
    [[-KeySource] <String>]
    [[-KeySourceType] <String>]
    [[-InputObject] <Database[]>]
    [[-Algorithm] <String>]
    [-EnableException]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Examples

Example: 1

PS C:\> New-DbaDbAsymmetricKey -SqlInstance Server1

You will be prompted to securely enter your password, then an asymmetric key will be created in the master database on server1 if it does not exist.

Example: 2

PS C:\> New-DbaDbAsymmetricKey -SqlInstance Server1 -Database db1 -Confirm:$false

Suppresses all prompts to install but prompts to securely enter your password and creates an asymmetric key in the 'db1' database

Example: 3

PS C:\> New-DbaDbAsymmetricKey -SqlInstance Server1 -Database enctest -KeySourceType File -KeySource c:\keys\NewKey.snk -Name BackupKey -Owner KeyOwner

Installs the key pair held in NewKey.snk into the enctest database creating an AsymmetricKey called BackupKey, which will be owned by KeyOwner

Optional Parameters

-SqlInstance

The target SQL Server instance or instances.

-SqlCredential

Login to the target instance using alternative credentials. Accepts PowerShell credentials (Get-Credential).
Windows Authentication, SQL Server Authentication, Active Directory - Password, and Active Directory - Integrated are all supported.
For MFA support, please use Connect-DbaInstance.

-Name

Optional name to create the asymmetric key. Defaults to database name.

-Database

The database where the asymmetric key will be created. Defaults to master.

-SecurePassword

Optional password - if no password is supplied, the password will be protected by the master key

-Owner

User within the database who will own the key. Defaults to the user creating the key if not specified. User must exist withing the database already

-KeySource

The path to the Executable, File or Assembly to be passed in.
The path is parsed by the SQL Server instance, so needs to be visible to the instance

-KeySourceType

The source of external keys loaded in, can be one of Executable, File or Assembly
We do not currently support Provider

-InputObject

Enables piping from Get-DbaDatabase

-Algorithm

The algorithm used to generate the key. Can be one of RSA512, RSA1024, RSA1024, RSA2048, RSA3072 or RSA4096. If not specified RSA2048 is the default
This value will be ignored when KeySource is supplied, as the algorithm is embedded in the KeySource

-EnableException

By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message.
This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting.
Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own try/catch.

-WhatIf

Shows what would happen if the command were to run. No actions are actually performed.

-Confirm

Prompts you for confirmation before executing any changing operations within the command.