You can create domain rules, check constraints, or access rules on encrypted columns. However, decrypt permission is required on the encrypted column when the encrypted column is used in target list, where clause, and so on. This example creates the rule_creditcard rule on the creditcard column, which has a domain rule defined:
create encryption key cc_key with init_vector null create table customer(custid int, creditcard varchar(16) encrypt with cc_key) create rule rule_creditcard as @value like '%[0-9]' sp_bindrule rule_creditcard, creditcard
bcp in -C bypasses the domain rule or check constraint for encrypted columns because Adaptive Server uses fast bcp with bcp in -C. bcp out -C generates error number 2929 if an access rule exists on the encrypted column. Adaptive Server bypasses the rule or constraint for insert and update statements when you replicate encrypted columns with domain rules or check constraints. Adaptive Server also generates error number 2929 when you replicate encrypted columns with access rules for update, delete, or select statements.
