SQLServerPSModule icon indicating copy to clipboard operation
SQLServerPSModule copied to clipboard
verified publisher icon microsoft

Add DisableFallBackToClientSide Parameter in Set-SqlColumnEncryption Cmdlet

Open skpadhy33 opened this issue 1 year ago • 1 comments

To trigger an enclave-enabled (in-place) encryption operation using the Set-SqlColumnEncryption cmdlet, one needs to specify the enclave parameters - EnclaveAttestationProtocol and EnclaveAttestationURL (as per the enclave being used). But, if the operation is found to be ineligible to be carried out on a secure enclave, then the cmdlet silently falls back to client-side mode of encryption.

This enhancement is to implement a switch parameter DisableFallBackToClientSide for the Set-SqlColumnEncryption cmdlet. On specifying this parameter, the cmdlet would error out with an appropriate error message if the operation is ineligible for in-place mode instead of silently falling back to client-side mode of encryption.

skpadhy33 avatar Sep 25 '24 13:09 skpadhy33

@Pietervanhove - is this something you guys can look into? It seems old...

I cannot find Manisha's Github handle so I cannot assign it to her...

Matteo-T avatar Mar 03 '25 11:03 Matteo-T

This was fixed in 22.4.5.1

Matteo-T avatar Jun 17 '25 10:06 Matteo-T