Hi @Aman Sehgal​ 

  • Yes, it is possible to get a key from the key vault. I am using Azure key vault for that. However, just code doesn't look as lovely as in the above example as I need to use dbutils secrets and mix python with SQL.
  • Multiple keys and salt - I think you need your own script/implementation for that.
  • The perfect solution would be to encrypt the whole column on the table creation level (like in Synapse dedicated SQL).
  • I know there will be some improvements to handle PID data once the unity catalog is released (lineage, classification). However, I think the whole topic in databricks is relatively young.

My blog: https://databrickster.medium.com/