commands

Clear
^

Get-DbaDbEncryptionKey
Author Chrissy LeMaire (@cl), netnerds.net
Availability Windows, Linux, macOS

 

Want to see the source code for this command? Check out Get-DbaDbEncryptionKey on GitHub.
Want to see the Bill Of Health for this command? Check out Get-DbaDbEncryptionKey.

Synopsis

Gets database encryption keys

Description

Gets database encryption keys

Syntax

Get-DbaDbEncryptionKey
    [[-SqlInstance] <DbaInstanceParameter[]>]
    [[-SqlCredential] <PSCredential>]
    [[-Database] <String[]>]
    [[-ExcludeDatabase] <String[]>]
    [[-InputObject] <Database[]>]
    [-EnableException]
    [<CommonParameters>]

 

Examples

 

Example: 1
PS C:\> Get-DbaDbEncryptionKey -SqlInstance sql2016

Gets all encryption keys from sql2016

Example: 2
PS C:\> Get-DbaDbEncryptionKey -SqlInstance sql01 -Database db1

Gets the encryption key for the db1 database on the sql01 instance

Example: 3
PS C:\> Get-DbaDbEncryptionKey -SqlInstance sql01 -Database db1 -Certificate cert1

Gets the cert1 encryption key within the db1 database

Example: 4
PS C:\> Get-DbaDbEncryptionKey -SqlInstance sql01 -Database db1 -Subject 'Availability Group Cert'

Gets the encryption key within the db1 database that has the subject 'Availability Group Cert' on sql01

Optional Parameters

-SqlInstance

The target SQL Server instance
Alias
Required False
Pipeline false
Default Value
-SqlCredential

Login to the target instance using alternative credentials. Accepts PowerShell credentials (Get-Credential). Windows Authentication, SQL Server Authentication, Active Directory - Password, and Active Directory - Integrated are all supported. For MFA support, please use Connect-DbaInstance.
Alias
Required False
Pipeline false
Default Value
-Database

Get encryption key from specific database
Alias
Required False
Pipeline false
Default Value
-ExcludeDatabase

Database(s) to ignore when retrieving encryption keys
Alias
Required False
Pipeline false
Default Value
-InputObject

Enables piping from Get-DbaDatabase
Alias
Required False
Pipeline true (ByValue)
Default Value
-EnableException

By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message. This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting. Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own try/catch.
Alias
Required False
Pipeline false
Default Value False