Using Visual Studio database projects (SSDT) I added a new column to an existing table. I am using Always Encrypted to encrypt individual columns. When I add the column and try to publish, I get a popup in Visual Studio that says "Value cannot be null. Parameter name: reportedElement".

If I don't encrypt the column, it works. If I clear the existing data out of the table, it works. But just trying to add a new nullable encrypted column does not publish. It will not even generate the script that would be applied.

I ran the daxFX and SSDT logging and viewed the logs with Windows Event Viewer, but I just see the same error "Value cannot be null. Parameter name: reportedElement".

This is what the added column definition looks like.

[MyNewColumn] INT ENCRYPTED WITH (COLUMN_ENCRYPTION_KEY = [DefaultColumnEncryptionKey], ENCRYPTION_TYPE = DETERMINISTIC, ALGORITHM = 'AEAD_AES_256_CBC_HMAC_SHA_256') NULL

I expect Visual Studio to publish successfully, adding my new nullable encrypted column but the actual behavior is a pop up that states "Value cannot be null. Parameter name: reportedElement".

I had the exact same issue, except I had decrypted the column to perform a lookup based on it that I couldn't while it was encrypted (this is a local development db).

The solution was to just perform the encryption manually via SSMS and then run the publish. I'm not sure why VS can't publish the changes, the encryption keys are stored in the local cert store and VS is running as admin but it might not be able to access the keys to encrypt the data but SSMS can.