AzureSQL Server Exporting SSRS Key to Azure Key Vault for Scale-Out Deployments April 16, 2018939 views0 Share By IG Share You will have to agree that managing so many encryption keys for SQL Server could be a tedious job. With Azure Storage Value, storing and distributing keys is even more accessible, and one of the use-cases that I will discuss is exporting SSRS key to Azure Key Vault. Exporting SSRS Key to Azure Key Vault The Azure Key Vault provides you a complete end-to-end solution to encrypt and store keys and small client-secrets like passwords that use keys stored in HSM’s (hardware security modules). Since this is provided as a service by Microsoft on Azure, you do not need to install or provision it. However, let us get back to the topic of discussion. For SSRS, it does not matter if you have a single server or a scale-out deployment. You only need to back up one copy of the symmetric key. There is a one-to-one correspondence between a report server database and a symmetric key. Although you need to back up one copy, you might need to restore the encryption-key multiple times if you are running numerous report servers in a scale-out deployment model. Each report server instance will need its copy of the symmetric key to lock and unlock data in the report server database. Once the Storage Key is exported using either ‘rskeymgmt’ utility or SSRS config manager, you can manually import the key and store it in the Key Vault. See the screenshot below: You will need to export the encryption key locally first by using commands such as below: rskeymgmt.exe -e -f c:toolsSSRS2017_key -p BackupKeyLocal -i SQL2017 It is always a great idea to backup your encryption keys from time to time, even if you are using a secure source systems externally. Questions or suggestions are welcome in the comment section below. Disclaimer: The Questions and Answers provided on https://www.gigxp.com are for general information purposes only. We make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Share What's your reaction? Excited 0 Happy 0 In Love 0 Not Sure 0 Silly 0 IG Website Twitter
TSQL How to Effectively split a string using STRING_SPLIT function in SQL server By DataGeekApril 15, 2019
Azure Azure SQL Managed Instance General Purpose vs Business Critical In this article, I will try to compare the Azure SQL Managed Instance General Purpose ...
Azure Azure SQL DTU to vCore Migration Steps for PAAS Databases on Cloud In this article, we are going to talk about Azure SQL DTU to vCore Migration. ...
Azure How To Change Azure SQL DB MAXDOP Settings Using T-SQL Command In this article, we are going to discuss how to change Azure SQL db MAXDOP ...
Azure How To Delete Azure Account Subscription Permanently & Cancel Pay If you want to delete Azure Account Subscription completely, then this article is for you. ...
