400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state
400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state
400 InvalidKeyName - An invalid value was given for the server key name.
400 InvalidKeyType - The create server key type is not supported.
400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.
400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.
400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.
400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.
400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.
400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.
400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.
400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.
400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.
400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.
400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.
400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'
400 ManagedInstanceNoConditionToMakeDatabaseAccessible - The operation could not be completed because there is no sufficient permissions to start accessible workflow on managed instance {0}.
400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided
400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.
400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.
400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).
400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.
400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.
400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.
400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability
400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.
400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.
400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.
400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.
400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.
400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.
400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.
400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.
400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.
400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.
400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault.
400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.
400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.
400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.
400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector
400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.
400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.
400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.
400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.
400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.
400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.
400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.
400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.
400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.
400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.
400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.
400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.
400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.
400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'
400 ManagedInstanceNoConditionToMakeDatabaseAccessible - The operation could not be completed because there is no sufficient permissions to start accessible workflow on managed instance {0}.
400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided
400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.
400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.
400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).
400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.
400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.
400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.
400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability
400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.
400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.
400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.
400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.
400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.
400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.
400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.
400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.
400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.
400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.
400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault.
400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.
400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.
400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.
400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector
400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.
400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.
400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.
400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.
404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.
404 SubscriptionDoesNotHaveServer - The requested server was not found
404 ResourceNotFound - The requested resource was not found.
404 OperationIdNotFound - The operation with Id does not exist.
409 ServerKeyNameAlreadyExists - The server key already exists on the server.
409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.
409 ServerKeyDoesNotExists - The server key does not exist.
409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.
409 AzureKeyVaultKeyInUse - The key is currently being used by the server.
409 ServerKeyNameAlreadyExists - The server key already exists on the server.
409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.
409 ServerKeyDoesNotExists - The server key does not exist.
409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.
409 AzureKeyVaultKeyInUse - The key is currently being used by the server.
409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.
409 OperationCancelled - The operation has been cancelled by user.
409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.
429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.
429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.
500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.
503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed
503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .
503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed
503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .
503 TooManyRequests - Requests beyond max requests that can be processed by available resources.