New‑SqlDscRSEncryptionKey - dsccommunity/SqlServerDsc GitHub Wiki

SYNOPSIS

Generates a new encryption key for SQL Server Reporting Services.

SYNTAX

New-SqlDscRSEncryptionKey [-Configuration] <Object> [-PassThru] [-Force] 
 [-WhatIf] [-Confirm] [<CommonParameters>]

DESCRIPTION

Generates a new encryption key for SQL Server Reporting Services or Power BI Report Server by calling the ReencryptSecureInformation method on the MSReportServer_ConfigurationSetting CIM instance.

This command generates a new symmetric encryption key and re-encrypts all stored secure information (such as credentials and connection strings) with the new key. This operation is typically performed when security requirements mandate key rotation.

WARNING: After generating a new encryption key, you should immediately back up the new key using Backup-SqlDscRSEncryptionKey. Any previous encryption key backups will no longer be valid.

The configuration CIM instance can be obtained using the Get-SqlDscRSConfiguration command and passed via the pipeline.

EXAMPLES

EXAMPLE 1

Get-SqlDscRSConfiguration -InstanceName 'SSRS' | New-SqlDscRSEncryptionKey

Generates a new encryption key for the Reporting Services instance.

EXAMPLE 2

Get-SqlDscRSConfiguration -InstanceName 'SSRS' | New-SqlDscRSEncryptionKey -Force

Generates a new encryption key without confirmation.

EXAMPLE 3

Get-SqlDscRSConfiguration -InstanceName 'SSRS' | New-SqlDscRSEncryptionKey -PassThru

Generates a new encryption key and returns the configuration CIM instance.

PARAMETERS

-Configuration

Specifies the MSReportServer_ConfigurationSetting CIM instance for the Reporting Services instance. This can be obtained using the Get-SqlDscRSConfiguration command. This parameter accepts pipeline input.

Type: Object
Parameter Sets: (All)
Aliases:

Required: True
Position: 1
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False

-Force

If specified, suppresses the confirmation prompt.

Type: SwitchParameter
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False

-PassThru

If specified, returns the configuration CIM instance after generating the new encryption key.

Type: SwitchParameter
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type: SwitchParameter
Parameter Sets: (All)
Aliases: cf

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type: SwitchParameter
Parameter Sets: (All)
Aliases: wi

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

INPUTS

Microsoft.Management.Infrastructure.CimInstance

Accepts MSReportServer_ConfigurationSetting CIM instance via pipeline.

OUTPUTS

None. By default, this command does not generate any output.

Microsoft.Management.Infrastructure.CimInstance

When PassThru is specified, returns the MSReportServer_ConfigurationSetting

CIM instance.

NOTES

This operation invalidates any existing encryption key backups. Immediately back up the new encryption key after this operation. The Reporting Services service may need to be restarted after generating a new encryption key.

RELATED LINKS

https://docs.microsoft.com/en-us/sql/reporting-services/wmi-provider-library-reference/configurationsetting-method-reencryptsecureinformation

⚠️ **GitHub.com Fallback** ⚠️