SQL Azure - Security Overview

Peter Schmitz

Administrator
Staff member
While looking into learning more about Azure, I came across a video made by Microsoft's Ola Ekdahl.

In it, he shows a slide with some differences between your typical local installation of SQL Server and SQL Azure security.

Seeing the slide might be useful to see in a more static way, I figured I would republish it as a table here.

Point of DifferenceOn-premise SQL serverSQL Azure
Where you manage server-level securityThe Security folder in SQL Server Management Studio's Object ExplorerThe master database
Server-level security role for creating loginssecurityadminloginmanager
Commands for managing loginsCREATE LOGIN
ALTER LOGIN
DROP LOGIN
CREATE LOGIN
ALTER LOGIN
DROP LOGIN
(There are some parameter limitations and you must be connected to the master database)
View that shows all loginssys.sql_loginssys.sql_logins
(You must be connected to the master database)
Server-level role for creating databasesdbcreatordbmanager
Command for creating a databaseCREATE DATABASECREATE DATABASE
(There are some parameter limitations and you must be connected to the master database)
Dropping databasesDROP DATABASEDROP DATABASE
If a user is in the dbmanager role, they have permission to DROP any database, regardless of which user originally created it.
View that lists all databasessys.databases
(view)
sys.databases
(You must be connected to the master database)

Again, this is not my work, but was taken from a video by Ola Ekdahl. The original video can be found on MSdev - Microsoft SQL Azure Security Model.
 
Top