DROP ASYMMETRIC KEY (Transact-SQL)
Applies to: SQL Server Azure SQL Database Azure SQL Managed Instance Azure Synapse Analytics SQL database in Microsoft Fabric
Removes an asymmetric key from the database.
Transact-SQL syntax conventions
Note
This syntax is not supported by serverless SQL pool in Azure Synapse Analytics.
Syntax
DROP ASYMMETRIC KEY key_name [ REMOVE PROVIDER KEY ]
Arguments
key_name
Is the name of the asymmetric key to be dropped from the database.
REMOVE PROVIDER KEY
Removes an Extensible Key Management (EKM) key from an EKM device. For more information about Extensible Key Management, see Extensible Key Management (EKM).
Remarks
An asymmetric key with which a symmetric key in the database has been encrypted, or to which a user or login is mapped, cannot be dropped. Before you drop such a key, you must drop any user or login that is mapped to the key. You must also drop or change any symmetric key encrypted with the asymmetric key. You can use the DROP ENCRYPTION option of ALTER SYMMETRIC KEY to remove encryption by an asymmetric key.
Metadata of asymmetric keys can be accessed by using the sys.asymmetric_keys catalog view. The keys themselves cannot be directly viewed from inside the database.
If the asymmetric key is mapped to an Extensible Key Management (EKM) key on an EKM device and the REMOVE PROVIDER KEY option is not specified, the key will be dropped from the database but not the device. A warning will be issued.
Permissions
Requires CONTROL permission on the asymmetric key.
Examples
The following example removes the asymmetric key MirandaXAsymKey6
from the AdventureWorks2022
database.
USE AdventureWorks2022;
DROP ASYMMETRIC KEY MirandaXAsymKey6;
See Also
CREATE ASYMMETRIC KEY (Transact-SQL)
ALTER ASYMMETRIC KEY (Transact-SQL)
Encryption Hierarchy
ALTER SYMMETRIC KEY (Transact-SQL)