Enable TDE on all Azure Databases
TDE on Subscriptions for all AZURE databases
Introduction
A small script to enable TDE on Azure SQL Servers in a subscription. This has also been converted to a VSTS extension so can be used in builds.
Using the Code
Login to an Azure subscription and run the following powershell:
#Enable TDE on ALL SQL Databases in a subscription#
$SQLServers=Get-AzureRmResource | where resourcetype -eq "Microsoft.Sql/servers/databases"
$SQLServers | foreach{
$Servers=($_.Name).split("/")
$a,$b =$servers
$c=$_.ResourceGroupName
$check=Get-AzureRMSqlDatabaseTransparentDataEncryption -ServerName $a -ResourceGroupName $c -DatabaseName $b
if ($check.state -eq "Disabled")
{
Set-AzureRMSqlDatabaseTransparentDataEncryption -ServerName $a -ResourceGroupName $c
-DatabaseName $b -State "Enabled"
}
Else
{
write-host "Azure Server '$a' with Database '$b' already has TDE Enabled"
}
}