Vault EKM provider for SQL server
Enterprise
Requires Vault Enterprise with Advanced Data Protection Key Management module.
Microsoft SQL Server supports Transparent Data Encryption (TDE). The Database Encryption Keys (DEK) can be protected by asymmetric Key Encryption Keys (KEK) managed by Vault's Transit secret engine using SQL Server's Extensible Key Management (EKM).
See installation and configuration for help getting started with the Vault EKM provider for SQL Server.
Features
The following features are supported by the Vault EKM provider:
- Management of KEK with Transit secret engine using
rsa-2048key cipher - AppRole auth