mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-24 16:11:08 +02:00
0660ea6fac
* Update README Let contributors know that docs will now be located in UDR * Add comments to each mdx doc Comment has been added to all mdx docs that are not partials * chore: added changelog changelog check failure * wip: removed changelog * Fix content errors * Doc spacing * Update website/content/docs/deploy/kubernetes/vso/helm.mdx Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com> --------- Co-authored-by: jonathanfrappier <92055993+jonathanfrappier@users.noreply.github.com> Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
38 lines
1.8 KiB
Plaintext
38 lines
1.8 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: Vault EKM provider for SQL Server
|
|
description: >-
|
|
The Vault EKM module for Microsoft SQL Server allows Vault to act as a provider for TDE.
|
|
---
|
|
|
|
> [!IMPORTANT]
|
|
> **Documentation Update:** Product documentation, which were located in this repository under `/website`, are now located in [`hashicorp/web-unified-docs`](https://github.com/hashicorp/web-unified-docs), colocated with all other product documentation. Contributions to this content should be done in the `web-unified-docs` repo, and not this one. Changes made to `/website` content in this repo will not be reflected on the developer.hashicorp.com website.
|
|
|
|
# Vault EKM provider for SQL server
|
|
|
|
<EnterpriseAlert product="vault">
|
|
Requires
|
|
<a href="https://www.hashicorp.com/products/vault/pricing">Vault Enterprise</a>
|
|
with <b>Advanced Data Protection Key Management</b> module.
|
|
</EnterpriseAlert>
|
|
|
|
Microsoft SQL Server supports [Transparent Data Encryption][tde] (TDE). The
|
|
Database Encryption Keys (DEK) can be protected by asymmetric Key Encryption
|
|
Keys (KEK) managed by Vault's [Transit][transit] secret engine using SQL Server's
|
|
[Extensible Key Management][tde] (EKM).
|
|
|
|
[tde]: https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/transparent-data-encryption?view=sql-server-ver15
|
|
[ekm]: https://docs.microsoft.com/sql/relational-databases/security/encryption/extensible-key-management-ekm?view=sql-server-ver15
|
|
[transit]: /vault/docs/secrets/transit
|
|
|
|
|
|
See [installation](/vault/docs/platform/mssql/installation) and [configuration](/vault/docs/platform/mssql/configuration)
|
|
for help getting started with the Vault EKM provider for SQL Server.
|
|
|
|
## Features
|
|
|
|
The following features are supported by the Vault EKM provider:
|
|
|
|
* Management of KEK with Transit secret engine using `rsa-2048` key cipher
|
|
* AppRole auth
|