Managed Instance Encryption Protectors - Get

Service:: SQL Database

API Version:: 2023-08-01

Gets a managed instance encryption protector.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/managedInstances/{managedInstanceName}/encryptionProtector/current?api-version=2023-08-01

URI Parameters

Name	In	Required	Type	Description
encryptionProtectorName	path	True	EncryptionProtectorName	The name of the encryption protector to be retrieved.
managedInstanceName	path	True	string	The name of the managed instance.
resourceGroupName	path	True	string	The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
subscriptionId	path	True	string	The subscription ID that identifies an Azure subscription.
api-version	query	True	string	The API version to use for the request.

Responses

Name	Type	Description
200 OK	ManagedInstanceEncryptionProtector	Successfully retrieved the specified managed instance encryption protector.
Other Status Codes	ErrorResponse	* Error Responses: * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state 400 InvalidKeyName - An invalid value was given for the server key name. 400 InvalidKeyType - The create server key type is not supported. 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user. 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object. 400 InvalidEncryptionProtectorName - The encryption protector key name is not supported. 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription. 404 SubscriptionDoesNotHaveServer - The requested server was not found 404 ResourceNotFound - The requested resource was not found.

Name

Type

Description

200 OK

ManagedInstanceEncryptionProtector

Successfully retrieved the specified managed instance encryption protector.

Other Status Codes

ErrorResponse

*** Error Responses: ***

400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state
400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state
400 InvalidKeyName - An invalid value was given for the server key name.
400 InvalidKeyType - The create server key type is not supported.
400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.
400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.
400 InvalidEncryptionProtectorName - The encryption protector key name is not supported.
404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.
404 SubscriptionDoesNotHaveServer - The requested server was not found
404 ResourceNotFound - The requested resource was not found.

Examples

Get the encryption protector

GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-7398/providers/Microsoft.Sql/managedInstances/sqlcrudtest-4645/encryptionProtector/current?api-version=2023-08-01

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Sql.Models;
using Azure.ResourceManager.Sql;

// Generated from example definition: specification/sql/resource-manager/Microsoft.Sql/stable/2023-08-01/examples/ManagedInstanceEncryptionProtectorGet.json
// this example is just showing the usage of "ManagedInstanceEncryptionProtectors_Get" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this ManagedInstanceEncryptionProtectorResource created on azure
// for more information of creating ManagedInstanceEncryptionProtectorResource, please refer to the document of ManagedInstanceEncryptionProtectorResource
string subscriptionId = "00000000-1111-2222-3333-444444444444";
string resourceGroupName = "sqlcrudtest-7398";
string managedInstanceName = "sqlcrudtest-4645";
EncryptionProtectorName encryptionProtectorName = EncryptionProtectorName.Current;
ResourceIdentifier managedInstanceEncryptionProtectorResourceId = ManagedInstanceEncryptionProtectorResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, managedInstanceName, encryptionProtectorName);
ManagedInstanceEncryptionProtectorResource managedInstanceEncryptionProtector = client.GetManagedInstanceEncryptionProtectorResource(managedInstanceEncryptionProtectorResourceId);

// invoke the operation
ManagedInstanceEncryptionProtectorResource result = await managedInstanceEncryptionProtector.GetAsync();

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
ManagedInstanceEncryptionProtectorData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample response

Status code:: 200

{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-7398/providers/Microsoft.Sql/managedInstances/sqlcrudtest-4645/encryptionProtector/current",
  "name": "current",
  "type": "Microsoft.Sql/managedInstances/encryptionProtector",
  "kind": "azurekeyvault",
  "properties": {
    "serverKeyName": "someVault_someKey_01234567890123456789012345678901",
    "serverKeyType": "AzureKeyVault",
    "uri": "https://someVault.vault.azure.net/keys/someKey/01234567890123456789012345678901",
    "autoRotationEnabled": false
  }
}

Definitions

Name	Description
EncryptionProtectorName	The name of the encryption protector to be retrieved.
ErrorAdditionalInfo	The resource management error additional info.
ErrorDetail	The error detail.
ErrorResponse	Error response
ManagedInstanceEncryptionProtector	The managed instance encryption protector.
ServerKeyType	The encryption protector type like 'ServiceManaged', 'AzureKeyVault'.

EncryptionProtectorName

Enumeration

The name of the encryption protector to be retrieved.

Value	Description
current

ErrorAdditionalInfo

Object

The resource management error additional info.

Name	Type	Description
info	object	The additional info.
type	string	The additional info type.

ErrorDetail

Object

The error detail.

Name	Type	Description
additionalInfo	ErrorAdditionalInfo[]	The error additional info.
code	string	The error code.
details	ErrorDetail[]	The error details.
message	string	The error message.
target	string	The error target.

ErrorResponse

Object

Error response

Name	Type	Description
error	ErrorDetail	The error object.

ManagedInstanceEncryptionProtector

Object

The managed instance encryption protector.

Name	Type	Description
id	string	Resource ID.
kind	string	Kind of encryption protector. This is metadata used for the Azure portal experience.
name	string	Resource name.
properties.autoRotationEnabled	boolean	Key auto rotation opt-in flag. Either true or false.
properties.serverKeyName	string	The name of the managed instance key.
properties.serverKeyType	ServerKeyType	The encryption protector type like 'ServiceManaged', 'AzureKeyVault'.
properties.thumbprint	string	Thumbprint of the server key.
properties.uri	string	The URI of the server key.
type	string	Resource type.

ServerKeyType

Enumeration

The encryption protector type like 'ServiceManaged', 'AzureKeyVault'.

Value	Description
ServiceManaged
AzureKeyVault

Share via

Managed Instance Encryption Protectors - Get

URI Parameters

Responses

Examples

Get the encryption protector

Sample request

Sample response

Definitions

EncryptionProtectorName

ErrorAdditionalInfo

ErrorDetail

ErrorResponse

ManagedInstanceEncryptionProtector

ServerKeyType