CategorySQL Server

Bring Your Own Key to Azure SQL Database Managed Instance TDE

Last year Azure SQL Database Managed Instance saw the introduction of bring your own key (BYOK) functionality for transparent data encryption (TDE). This functionality has been in the singleton database version of Azure SQL Database for a while longer and you can read about how to use that here. The experience between the two is very similar, but let’s focus on the Managed Instance side of...

Working with SQL Server Data Files

Most people connect to a database, create tables, run update statements, tune queries, add indexes, and never once think about the underlying data and log files that support all these operations. Database administrators know the importance of managing those files. There are a lot of questions and things to consider. How many data files do I need?How many log files do I need?How should I configure...

Collecting Server Performance Metrics: PowerShell

In a recent post I wrote about collecting server performance metrics using Performance Monitor, a free utility built into Windows. With a little work up front, we are able to collect metrics for minutes, hours, or even days to gain insights into how our servers are being used. I often use this to evaluate SQL Servers that my customers are migrating to Azure. It helps me figure out if their...

Collecting Server Performance Metrics: Performance Monitor

Whether you’re a DBA/administrator looking to tune a server, planning for hardware updates, or looking to make a move to the cloud there are a few key performance metrics you’re going to want to collect. How do you know if the bottleneck is memory, disk or CPU? How do you know which of the Azure VM sizes to choose? The answer to these questions and other lies in the performance...

Bring Your Own Key to Azure SQL Database TDE New UI

In a recent post I wrote about a new functionality for Azure SQL Database’s TDE feature: Bring Your Own Key. At the time the only way to bring your own key was through PowerShell and T-SQL. Thankfully, that has changed. A recent update added a UI for managing your TDE keys using Azure Key Vault. Check out the quick, easy details below on setup and configuration. Before you start...

Bring Your Own Key to Azure SQL Database TDE

I have previously written about using Transparent Data Encryption (TDE) with Azure Key Vaule as a great way to store and manage encryption keys for SQL Server. With Azure SQL Database there has long been an option to enable TDE with just the click of a button. A lot of users I talk to say that is great, but they need to be able to manage the keys themselves. That could be for a variety of...

State of the Cloud Database: April 2018

It’s an exciting time to be a database professional. The technology is advancing quickly, large datasets are easier to handle than ever before, and the cloud is opening up new functionality and use cases that we couldn’t tackle before. My fellow database professionals, I tell you today that the state of the cloud database is strong! Today we explore three of the platform as a service...

New Azure SQL Database Pricing Model

Azure SQL Database has some great built-in features that are included in the price like automatic backups, high availability, auditing and threat detection, transparent data encryption. No matter how excited people are when I talk to them about Azure SQL DB there is one topic that causes confusion. Every. Single. Time. That topic is sizing. “What the heck is that DTU thing and how many of...

New Azure SQL Database Pricing Model

Azure SQL Database has some great built-in features that are included in the price like automatic backups, high availability, auditing and threat detection, transparent data encryption. No matter how excited people are when I talk to them about Azure SQL DB there is one topic that causes confusion. Every. Single. Time. That topic is sizing. “What the heck is that DTU thing and how many of...

Always Encrypted with Azure Key Vault

I recently wrote a post about using Transparent Data Encryption (TDE) with Azure Key Vault as an alternative to managing certificates. Today’s post will explore using SQL Server’s Always Encrypted functionality with Azure Key Vault. Always Encrypted, as with TDE, can use Windows certificates or what an external storage location such as a Hardware Security Module (HSM) or Azure Key...

Bradley Schacht

Bradley Schacht is a Senior Program Manager on the Microsoft Azure Synapse Analytics team based in Jacksonville, FL. He has worked with Microsoft SQL Server and Azure data services since 2009 as a consultant, trainer, and architect. He has co-authored 4 SQL Server and Power BI books, most recently the Microsoft Power BI Quick Start Guide. Bradley enjoys solving interesting problems and teaching others to use new technology. He frequently presents at community events around the country, is a contributor to sites such as SQLServerCentral.com, and is a member of the Jacksonville SQL Server User Group (JSSUG).

Follow Me