Thanks, Sascha! I'm thinking of the same type of encryption but I have to use a NoSQL DB such as CosmosDB or MongoDB as Destination. Actually we are working with mongo at this moment but having hard times to implement field level encryption when using datatricks as client application to load bulk data from OLE DB Sources. Do you know if is there any field level encryption like the one you demostrated using SQL Server to be used with CosmosDB as destination and using features like Data Factory and Databricks as client applications to load and prepare data? Thanks in advance!
Hey Felipe! I had to wait a bit, to be able to officially talk about the solution to your request. Please have a look here docs.microsoft.com/en-us/azure/cosmos-db/how-to-always-encrypted
So if I am querying data from a table with encrypted columns and my connection string DOESN'T specify enabled encryption column, would I still recieve record but columns would be encrypted?
Thanks! You can also do the same thing by only using PowerShell (docs.microsoft.com/en-us/sql/relational-databases/security/encryption/configure-always-encrypted-using-powershell?view=sql-server-2017). Some, but not all of those steps, can also be done by using T-SQL, e.g. creating a new table with encrypted columns. What exactly would you like to do?
Heeey Thank youuuuu but can you just explain to me what is the difference between Failover groupes and Geo-Replication it seems the same im a little bit confused.
Failover Groups make it easy to cover multiple databases at once (at the Logical Server Level), whereas Geo-Replication is only valid for a single database.
Fatiha Bennani Yes, sure. I've got already some of them on my list, e.g. Stream Analytics - Basic Queries and Cosmos DB - Consistency Levels Explained. Do you have any particular topic in mind?
Fatiha Bennani This is just for Disaster Recovery reasons. You have 3 nodes for each database per region, which makes it fault tolerant in this region. Geo-Replication or Failover Groups add 3 additional copies in another region if the first one fails
The code I used was based on the official Azure documentation: docs.microsoft.com/en-us/azure/azure-sql/database/always-encrypted-azure-key-vault-configure , but I didn't upload my complete example to GitHub. Please have a look at the docs and let me know if this works for you.
Thanks Sascha! Very well explained ...
This is nice video, can I pass table variable or temp table and do bulk insert/update for encrypted columns
Nice video. I have a question: This c# we still able to see plain text while debugging, does it mean bad actor still can see the data?
Yes, during debugging, you will be able to read the data in clear text.
perfect🤩
Thanks, Sascha! I'm thinking of the same type of encryption but I have to use a NoSQL DB such as CosmosDB or MongoDB as Destination. Actually we are working with mongo at this moment but having hard times to implement field level encryption when using datatricks as client application to load bulk data from OLE DB Sources. Do you know if is there any field level encryption like the one you demostrated using SQL Server to be used with CosmosDB as destination and using features like Data Factory and Databricks as client applications to load and prepare data? Thanks in advance!
Hey Felipe! I had to wait a bit, to be able to officially talk about the solution to your request. Please have a look here docs.microsoft.com/en-us/azure/cosmos-db/how-to-always-encrypted
@@SaschaDittmann awesome! tks!
You‘re welcome! If you have question about this, or similar topics, feel free to ping me.
So if I am querying data from a table with encrypted columns and my connection string DOESN'T specify enabled encryption column, would I still recieve record but columns would be encrypted?
Yes, the query would return all columns as they are stored in the database without decoding them
great vid. do you know if there is a way to encrypt columns via scripts in a sql database project?
Thanks!
You can also do the same thing by only using PowerShell (docs.microsoft.com/en-us/sql/relational-databases/security/encryption/configure-always-encrypted-using-powershell?view=sql-server-2017).
Some, but not all of those steps, can also be done by using T-SQL, e.g. creating a new table with encrypted columns.
What exactly would you like to do?
very good and direct!
Thank you! I'm glad that you liked the video. Do you have any other topics you'd like me to cover?
Heeey Thank youuuuu but can you just explain to me what is the difference between Failover groupes and Geo-Replication it seems the same im a little bit confused.
Failover Groups make it easy to cover multiple databases at once (at the Logical Server Level), whereas Geo-Replication is only valid for a single database.
@@SaschaDittmann Thank you sacha please if you can do more videos about Azure specially Infrastructure :)
Fatiha Bennani Yes, sure. I've got already some of them on my list, e.g. Stream Analytics - Basic Queries and Cosmos DB - Consistency Levels Explained.
Do you have any particular topic in mind?
@@SaschaDittmann this is kind of you.
honestly i have a question why do we need backup sql database on Azure? Thanks
Fatiha Bennani This is just for Disaster Recovery reasons. You have 3 nodes for each database per region, which makes it fault tolerant in this region. Geo-Replication or Failover Groups add 3 additional copies in another region if the first one fails
Do you have the script on your github
The code I used was based on the official Azure documentation:
docs.microsoft.com/en-us/azure/azure-sql/database/always-encrypted-azure-key-vault-configure
, but I didn't upload my complete example to GitHub.
Please have a look at the docs and let me know if this works for you.