commands

^

New-DbaDbAsymmetricKey

Author Stuart Moore (@napalmgram), stuart-moore.com
Availability Windows, Linux, macOS

 

Synopsis

Creates a new database asymmetric key

Description

Creates a new database asymmetric key. If no database is specified, the asymmetric key will be created in master.

Syntax

New-DbaDbAsymmetricKey
    [[-SqlInstance] <DbaInstanceParameter[]>]
    [[-SqlCredential] <PSCredential>]
    [[-Name] <String[]>]
    [[-Database] <String[]>]
    [[-SecurePassword] <SecureString>]
    [[-Owner] <String>]
    [[-KeySource] <String>]
    [[-KeySourceType] <String>]
    [[-InputObject] <Database[]>]
    [[-Algorithm] <String>]
    [-EnableException]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

 

Examples

 

Example: 1
PS C:\> New-DbaDbAsymmetricKey -SqlInstance Server1

You will be prompted to securely enter your password, then an asymmetric key will be created in the master database on server1 if it does not exist.

Example: 2
PS C:\> New-DbaDbAsymmetricKey -SqlInstance Server1 -Database db1 -Confirm:$false

Suppresses all prompts to install but prompts to securely enter your password and creates an asymmetric key in the 'db1' database

Example: 3
PS C:\> New-DbaDbAsymmetrickKey -SqlInstance Server1 -Database enctest -KeySourceType File -KeySource c:\keys\NewKey.snk -Name BackupKey -Owner KeyOwner

Installs the key pair held in NewKey.snk into the enctest database creating an AsymmetricKey called BackupKey, which will be owned by KeyOwner

Optional Parameters

-SqlInstance

The target SQL Server instance or instances.

Alias
Required False
Pipeline false
Default Value
-SqlCredential

Login to the target instance using alternative credentials. Accepts PowerShell credentials (Get-Credential). Windows Authentication, SQL Server Authentication, Active Directory - Password, and Active Directory - Integrated are all supported. For MFA support, please use Connect-DbaInstance.

Alias
Required False
Pipeline false
Default Value
-Name

Optional name to create the asymmetric key. Defaults to database name.

Alias
Required False
Pipeline false
Default Value
-Database

The database where the asymmetric key will be created. Defaults to master.

Alias
Required False
Pipeline false
Default Value master
-SecurePassword

Optional password - if no password is supplied, the password will be protected by the master key

Alias Password
Required False
Pipeline false
Default Value
-Owner

User within the database who will own the key. Defaults to the user creating the key if not specified. User must exist withing the database already

Alias
Required False
Pipeline false
Default Value
-KeySource

The path to the Executable, File or Assembly to be passed in. The path is parsed by the SQL Server instance, so needs to visiable to the instance

Alias
Required False
Pipeline false
Default Value
-KeySourceType

The source of external keys loaded in, can be one of Executable, File or Assemnly We do not currently support Provider

Alias
Required False
Pipeline false
Default Value
Accepted Values Executable,File,SqlAssembly
-InputObject

Enables piping from Get-DbaDatabase

Alias
Required False
Pipeline true (ByValue)
Default Value
-Algorithm

The algorithm used to generate the key. Can be one of RSA512, RSA1024, RSA1024, RSA2048, RSA3072 or RSA4096. If not specified RSA2048 is the default This value will be ignored when KeySource is supplied, as the algorithm is embedded in the KeySource

Alias
Required False
Pipeline false
Default Value Rsa2048
Accepted Values Rsa4096,Rsa3072,Rsa2048,Rsa1024,Rsa512
-EnableException

By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message. This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting. Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own try/catch.

Alias
Required False
Pipeline false
Default Value False
-WhatIf

Shows what would happen if the command were to run. No actions are actually performed.

Alias wi
Required False
Pipeline false
Default Value
-Confirm

Prompts you for confirmation before executing any changing operations within the command.

Alias cf
Required False
Pipeline false
Default Value

 

Want to see the source code for this command? Check out New-DbaDbAsymmetricKey on GitHub.
Want to see the Bill Of Health for this command? Check out New-DbaDbAsymmetricKey.