SQL Server Transparent Data Encryption and Extensible Key Management Using Azure Key Vault – Part 4

Configure SQL Server

This is Part: 4 of a 4-part blog series:

After setting up Azure Active Directory and registering the AAD Application and additionally creating an Azure Key Vault, the next step is to put it all together in SQL Server where you can create credentials (to talk to Azure Key Vault), create an asymmetric key and use that key to configure/encrypt a database with TDE.


Refer to B. Frequently Asked Questions to see a note about the minimum permission levels needed for each action in this section.


Step 1: Launch sqlcmd.exe or SQL Server Management Studio (SSMS):