SQL Server on Linux gets a vital security update for Azure Key Vault integration


Microsoft has announced that SQL Server 2022 CU18 and later, running on Azure Linux Virtual Machines, now supports Managed Identity for authenticating to Azure Key Vault. This update addresses the long-standing need for a more secure and streamlined way to manage encryption keys, and it makes access to Azure Key Vault more secure.

As a bit of background, Managed Identity allows Azure services to authenticate through Microsoft Entra ID without embedding credentials in code. Azure Key Vault is a cloud service that lets you securely store and manage a range of data, including cryptographic keys, secrets, and certificates.

One of the core benefits of this update is simpler configuration of Transparent Data Encryption (TDE) for SQL databases. TDE is useful because it encrypts data at rest (on disk) within a database, giving you more protection against unauthorized access to data files. TDE protects data at rest through real-time I/O encryption and decryption at the page level.

Now that Managed Identity for authenticating to Azure Key Vault is here, users no longer provide a SECRET argument when creating credentials for TDE. This makes the process more streamlined and enhances security by removing the need to pass sensitive secrets.
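As an added example (not from the article or from Microsoft), the following Python sketch audits T-SQL deployment scripts for `CREATE CREDENTIAL ... FOR CRYPTOGRAPHIC PROVIDER` statements that still embed a `SECRET` argument, which are the candidates for migration to Managed Identity. The credential, identity and provider names in the sample are constructed placeholders.

```python
import re

# String literals and comments are blanked in one pass (newlines kept) so that
# the word SECRET inside a comment or a quoted value is not reported.
_MASK = re.compile(r"'(?:[^']|'')*'|--[^\n]*|/\*.*?\*/", re.DOTALL)
_STMT = re.compile(
    r"\bCREATE\s+CREDENTIAL\s+(\[[^\]]+\]|\w+)(.*?)(?=;|\bCREATE\b|^\s*GO\s*$|\Z)",
    re.IGNORECASE | re.DOTALL | re.MULTILINE,
)
_EKM = re.compile(r"\bFOR\s+CRYPTOGRAPHIC\s+PROVIDER\b", re.IGNORECASE)
_SECRET = re.compile(r"\bSECRET\s*=", re.IGNORECASE)


def _mask(match):
    text = match.group(0)
    keep = "\n" * text.count("\n")          # preserve line numbering
    return ("''" if text.startswith("'") else "") + keep


def audit_credentials(sql):
    """Return one finding per key-provider credential found in the script."""
    masked = _MASK.sub(_mask, sql)
    findings = []
    for m in _STMT.finditer(masked):
        body = m.group(2)
        if not _EKM.search(body):           # ignore non-EKM credentials
            continue
        findings.append({
            "line": masked.count("\n", 0, m.start()) + 1,
            "credential": m.group(1).strip("[]"),
            "embeds_secret": bool(_SECRET.search(body)),
        })
    return findings


# Constructed sample input; every name and value below is a placeholder.
SAMPLE = """\
-- constructed sample; names are placeholders
CREATE CREDENTIAL [old_akv_cred]
    WITH IDENTITY = 'example-identity', SECRET = 'PLACEHOLDER-not-a-real-secret'
    FOR CRYPTOGRAPHIC PROVIDER ExampleEkmProvider;

/* SECRET = 'commented out' */
CREATE CREDENTIAL [new_akv_cred]
    WITH IDENTITY = 'note: SECRET = none here'
    FOR CRYPTOGRAPHIC PROVIDER ExampleEkmProvider;

CREATE CREDENTIAL [backup_cred] WITH IDENTITY = 'x', SECRET = 'y';
"""

if __name__ == "__main__":
    for f in audit_credentials(SAMPLE):
        status = "embeds SECRET" if f["embeds_secret"] else "no SECRET"
        print(f"line {f['line']}: {f['credential']}: {status}")
```
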

This change applies to anyone with an Azure Linux VM that has SQL Server 2022 CU18 (or later) installed. A user-assigned Managed Identity must be created and assigned to the Azure Linux VM. Finally, you must also have an Azure Key Vault set up with the necessary keys.

Microsoft says that the Managed Identity requires the Key Vault Crypto Service Encryption User role to perform key wrap and unwrap operations, and that the mssql-conf tool is used to set the Managed Identity as the primary identity for the SQL Server instance on the Linux VM. To learn more, check out Microsoft's setup guide in its announcement.

roosho Senior Engineer (Technical Services)
I am Rakib Raihan RooSho, Jack of all IT Trades. You got it right. Good for nothing. I try a lot of things and fail more than that. That's how I learn. Whenever I succeed, I note that in my cookbook. Eventually, that became my blog. 
