The following table shows the fixed-database roles and their capabilities. Server-level permissions can't be granted through roles in Azure SQL Database and Azure Synapse Analytics. For server-level security in SQL Server, use server roles instead. Logins and other server-level principals (such as server roles) can't be added to database roles. Server-level permissions can't be granted to database roles. For more information, see Permissions (Database Engine).įor a list of all the permissions, see the Database Engine Permissions poster. The permissions of user-defined database roles can be customized by using the GRANT, DENY, and REVOKE statements. This could enable unintended privilege escalation. You can add any database account and other SQL Server roles into database-level roles.ĭo not add user-defined database roles as members of fixed roles. There are also some special-purpose database roles in the msdb database. Members of the db_owner database role can manage fixed-database role membership. There are two types of database-level roles: fixed-database roles that are predefined in the database and user-defined database roles that you can create.įixed-database roles are defined at the database level and exist in each database. Use the older sp_addrolemember and sp_droprolemember procedures instead. Analytics Platform System (PDW) and Azure Synapse Analytics doesn't support the use of ALTER ROLE. To add and remove users to a database role, use the ADD MEMBER and DROP MEMBER options of the ALTER ROLE statement. Database-level roles are database-wide in their permissions scope. They are like groups in the Microsoft Windows operating system. To easily manage the permissions in your databases, SQL Server provides several roles that are security principals that group other principals. Applies to: SQL Server Azure SQL Database Azure SQL Managed Instance Azure Synapse Analytics Analytics Platform System (PDW)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |