New-DbaDbCertificate View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Creates a new database certificate for encryption and security purposes
Description Creates a new database certificate within a specified database using SQL Server Management Objects. Database certificates are essential for implementing Transparent Data Encryption (TDE), encrypting stored procedures and functions, securing Service Broker dialogs, and enabling column-level encryption.
New-DbaDbEncryptionKey View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Creates database encryption keys for Transparent Data Encryption (TDE)
Description Creates database encryption keys (DEKs) required for Transparent Data Encryption, using certificates or asymmetric keys from the master database. This is the essential first step before enabling TDE on any database to encrypt data at rest.
New-DbaDbMasterKey View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Creates a database master key for encryption operations
Description Creates a database master key, which is required for implementing Transparent Data Encryption (TDE), Always Encrypted, or other database-level encryption features. The master key serves as the root encryption key that protects other encryption keys within the database.
New-DbaServiceMasterKey View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Creates a service master key in the master database for instance-level encryption hierarchy
Description Creates a service master key in the master database, which sits at the top of SQL Server’s encryption hierarchy. The service master key automatically encrypts and protects database master keys, certificates, and other encryption objects across all databases on the instance.
Read-DbaAuditFile View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Parses SQL Server audit files (.sqlaudit) into structured event data for security analysis and compliance reporting.
Description Reads and parses SQL Server audit files (.sqlaudit) created by SQL Server Audit functionality, converting binary audit data into readable PowerShell objects. Each audit event is returned with its timestamp, event details, fields, and actions in a structured format that’s easy to filter, export, or analyze.
Remove-DbaComputerCertificate View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Removes certificates from Windows certificate stores on local or remote computers
Description Removes certificates from Windows certificate stores on local or remote computers using PowerShell remoting. This is essential for managing SSL/TLS certificates used by SQL Server instances for encrypted connections and authentication. DBAs commonly use this to clean up expired certificates, remove compromised certificates during security incidents, or manage certificate lifecycle during SQL Server migrations and decommissions.
Remove-DbaCredential View Source Mikey Bronowski (@MikeyBronowski), bronowski.it Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Removes SQL credential(s).
Description Removes the SQL credential(s) that have passed through the pipeline.
If not used with a pipeline, Get-DbaCredential will be executed with the parameters provided
and the returned SQL credential(s) will be removed.
Syntax Remove-DbaCredential [-SqlInstance <DbaInstanceParameter[]>] [-SqlCredential <PSCredential>] [-Credential <String[]>] [-ExcludeCredential <String[]>] [-Identity <String[]>] [-ExcludeIdentity <String[]>] [-WhatIf] [-Confirm] [<CommonParameters>] Remove-DbaCredential [-SqlInstance <DbaInstanceParameter[]>] [-SqlCredential <PSCredential>] [-Credential <String[]>] [-ExcludeCredential <String[]>] [-Identity <String[]>] [-ExcludeIdentity <String[]>] -InputObject <Credential[]> [-EnableException] [-WhatIf] [-Confirm] [<CommonParameters>] Examples Example: 1 PS C:\> Remove-DbaCredential -SqlInstance localhost, localhost\namedinstance Removes all SQL credentials on the localhost, localhost\namedinstance instances.
Remove-DbaDbAsymmetricKey View Source Stuart Moore (@napalmgram), stuart-moore.com Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Removes asymmetric keys from SQL Server databases
Description Removes asymmetric keys from SQL Server databases by executing DROP ASYMMETRIC KEY commands. Asymmetric keys are part of SQL Server’s cryptographic hierarchy used for encryption, digital signatures, and protecting symmetric keys or certificates. This function helps DBAs clean up unused encryption objects during security audits, decommission old encryption schemes, or remove keys that are no longer needed for compliance requirements.
Remove-DbaDbCertificate View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Removes database certificates from SQL Server databases
Description Removes database certificates from specified SQL Server databases using the DROP CERTIFICATE statement. This function is commonly used during certificate rotation, security cleanup, or when decommissioning encryption features like Transparent Data Encryption (TDE) or Always Encrypted. Certificates can be targeted individually by name or removed in bulk using pipeline input from Get-DbaDbCertificate.
Remove-DbaDbEncryptionKey View Source Chrissy LeMaire (@cl), netnerds.net Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Removes database encryption keys from SQL Server databases to disable Transparent Data Encryption
Description Removes database encryption keys (DEK) from specified databases by executing DROP DATABASE ENCRYPTION KEY. This is typically used when disabling Transparent Data Encryption (TDE) on a database or during encryption key rotation workflows.
dbatools