SQL Data Warehouse: ALTER DATABASE SCOPED CREDENTIAL command for rotating storage keys

2018년 2월 2일 금요일

The ALTER DATABASE SCOPED CREDENTIAL command is now supported for Azure SQL Data Warehouse. 

It's a security best practice with Azure Storage to use rotating keys. SQL Data Warehouse uses storage account keys to define external data sources and enable users to load data from various storage accounts. When these credentials change, underlying objects that rely on this external data source definition have to be updated.

Users no longer have to drop and re-create objects that rely on external data sources when new keys are introduced. Rotating storage keys is now as simple as changing the credential secret by using ALTER DATABASE SCOPED CREDENTIAL.

Example:

The original key is created.

CREATE DATABASE SCOPED CREDENTIAL my_credential WITH IDENTITY = 'my_identity' [ , SECRET = 'key1' ]

Rotate key from key 1 to key 2.

ALTER DATABASE SCOPED CREDENTIAL my_credential WITH IDENTITY = 'my_identity' [ , SECRET = 'key2' ]

No other changes to underlying external data sources are needed.

무료 계정

Azure 크레딧 $200개 및 12개월의 인기 서비스를 무료로 받아보세요.

체험하기

Visual Studio

최대 $1800 연간 Azure 서비스를 구독자에게 제공

지금 활성화

시작

BizSpark 프로그램에 가입하고 무료 Azure 서비스를 이용하세요

자세한 정보