Geo-Replication on a Transparent Data Encryption (TDE) Enabled Azure SQL Database

2023-10-18

In this article, we will review how to set up Geo-Replication on a Transparent Data Encryption (TDE) enabled Azure SQL database.

Please refer to the Azure SQL database Geo-Replication article to configure geo-replication on an Azure SQL database. Configuring geo-replication with the default Transparent Data Encryption settings, i.e. using the service-managed key, is straightforward, as explained in that article.

Configuring geo-replication is a bit different when you use your own key to encrypt the Azure SQL databases.

The following are the steps involved in configuring geo-replication on the Azure SQL database that is encrypted using your own key:

  • Creating an Azure key vault in both primary and secondary regions
  • Creating your own key in both regions that are used for Transparent Data Encryption (TDE)
  • Configuring primary server and secondary to use your own key for the encryption
  • Configuring Geo-replication

Let's go over these steps one by one.

Creating an Azure key vault in both primary and secondary regions

Log in to the Azure portal, search for the Azure key vaults as shown in the below image and navigate to the Azure Key vaults page:

Azure key vaults

Click on the Add button and create an Azure Vault in the region that is the same as the primary Azure SQL database. Click on Review + create and then Create:

creating azure key vault in primary region

Similarly, create an Azure vault in the secondary region. Once the Azure vaults are created in both regions, enable the soft delete option on both Azure key vaults. The soft delete option can be enabled using the Azure PowerShell module only. As of now, the Azure portal does not have an option to change the soft delete setting on an Azure vault.

Refer to the Enabling soft delete option on the Azure Key Vault section in the following article for more details: Transparent Data Encryption (TDE) on Azure SQL database

Creating your own key in both regions that are used for Transparent Data Encryption (TDE)

Now you need to create your own key in both regions and the key should be the same in both regions. Log in to the Azure portal, navigate to the key vaults page, and click on the key vault that is created in the primary region:

Azure key vault in primary region

In the Azure key vault details page, click on Keys as shown in the below image. Click on the Generate/Import button:

creating key by importing .pem file

You can create the key in different ways. Below are the three different ways to create a key in the Azure key vault:

  • Generate – you can generate the key from the Azure portal itself by specifying the name and other parameters
  • Import – you can create a key by importing files like .pem, .pfx, .byok
  • Restore from backup – creating a key from the backup that is generated from Azure key vault

In this case, I am importing the .pem file to create a key that will be used for enabling Transparent Data Encryption (TDE) on the database:

importing key in Azure key vault

Similarly, navigate to the key vault created in the secondary region and create a key by importing the same .pem file that you used in the primary region.

Configuring primary server and secondary to use your own key for encryption

Log in to the Azure portal, click on All Resources and click on the primary SQL Server:

Azure SQL Server in primary region

Click on Transparent Data Encryption as shown in the below image. Click on Yes under Use your own key. Select the key vault in the primary region and then select the key. Click on the Save button to apply the new settings. Once the change is applied successfully, the database is encrypted using the key you created. Please refer to the below image:

Transparent data encryption (TDE) using your own key

Similarly, navigate to the secondary SQL Server located in a different region. Configure the Transparent Data Encryption settings to use your own key in the key vault located in the secondary region:

secondary key vault

Configuring Geo-replication

Log in to the Azure portal and click on the database that you want to geo-replicate. In this case, I am using the SampleDB database.

In the Azure SQL database details page, click on Geo-Replication as shown in the below image:

geo-replication on TDE enabled database

Now in the Geo-Replication page, under the map, select the secondary region. In the secondary setup pane, select the target secondary server and click OK. Once the deployment is successfully completed, the geo-replication is configured between the primary and secondary databases successfully.

Fail over the database to the secondary server and verify the data and database encryption settings. To fail over, click on the secondary and then click on forced failover.
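
The verification described above can also be scripted. The following is an added example, not part of the original article: it uses the Az PowerShell module in an authenticated session, assumes the imported key is an RSA key, and every resource name except SampleDB is a placeholder.

```powershell
# Added example. Requires the Az module and an authenticated session (Connect-AzAccount).
# All names below are placeholders (assumptions) except SampleDB, which the article uses.
$sides = @(
    @{ ResourceGroup = 'rg-primary';   Server = 'sql-primary';   Vault = 'kv-primary' },
    @{ ResourceGroup = 'rg-secondary'; Server = 'sql-secondary'; Vault = 'kv-secondary' }
)
$keyName  = 'tde-key'
$database = 'SampleDB'

function Get-PublicKeyFingerprint {
    param([string]$VaultName, [string]$KeyName)
    $key = Get-AzKeyVaultKey -VaultName $VaultName -Name $KeyName
    if (-not $key) { throw "Key '$KeyName' not found in vault '$VaultName'." }
    # Key Vault exposes only the public part of an RSA key (modulus N, exponent E);
    # hashing both gives a value that can be compared across vaults.
    $sha = [System.Security.Cryptography.SHA256]::Create()
    try {
        [System.BitConverter]::ToString($sha.ComputeHash([byte[]]($key.Key.N + $key.Key.E)))
    } finally { $sha.Dispose() }
}

# 1. The imported key must be the same key material in both regions.
$fingerprints = $sides | ForEach-Object { Get-PublicKeyFingerprint -VaultName $_.Vault -KeyName $keyName }
if ($fingerprints[0] -ne $fingerprints[1]) {
    throw 'Key material differs between the primary and secondary key vaults.'
}

# 2. Per region: soft delete is on, the server protector is a Key Vault key, the database is encrypted.
foreach ($s in $sides) {
    $vault     = Get-AzKeyVault -VaultName $s.Vault
    $protector = Get-AzSqlServerTransparentDataEncryptionProtector -ResourceGroupName $s.ResourceGroup -ServerName $s.Server
    $tde       = Get-AzSqlDatabaseTransparentDataEncryption -ResourceGroupName $s.ResourceGroup -ServerName $s.Server -DatabaseName $database

    if (-not $vault.EnableSoftDelete)        { throw "Soft delete is not enabled on $($s.Vault)." }
    if ($protector.Type -ne 'AzureKeyVault') { throw "$($s.Server) is not using a key from Azure Key Vault." }
    if ($tde.State -ne 'Enabled')            { throw "TDE is not enabled for $database on $($s.Server)." }

    [pscustomobject]@{
        Server     = $s.Server
        Protector  = $protector.Type
        KeyName    = $protector.ServerKeyVaultKeyName
        TdeState   = $tde.State
        SoftDelete = $vault.EnableSoftDelete
    }
}
```

Running it before and after the failover shows whether the encryption settings are unchanged once the roles swap.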

Conclusion

In this article, we explored how to set up geo-replication on a Transparent Data Encryption (TDE) enabled Azure SQL database. In case you have any questions, please feel free to ask in the comment section below.

To continue learning about Transparent Data Encryption (TDE), please refer to the Transparent Data Encryption category.

Translated from: https://www.sqlshack.com/geo-replication-on-transparent-data-encryption-tde-enabled-azure-sql-database/
