Skip to main content

Azure SQL Database Security


Azure SQL Database Security

Azure enables a different level of security measures for their customers at both Server Level and Database Level.
Server Level means Azure SQL server level, not the subscription level, the security features it includes are:
·         Access to the SQL database is restricted to certain user roles.
·         Allows to set up Server firewall rules so that the users with certain IP addresses are permitted to access the database and allowed to manage the database.
·         Azure SQL databases uses logins at the server level to authenticate user requests, it doesn't support windows integrated authentication.
·         The master database roles have two roles: loginmanager role (has permissions to create and manage logins), dbmanager role (has permissions to create and manage databases).


At database level some of the security features are:

  • Extends access to client IP addresses by allowing to add additional firewall rules for individual databases.
  • GRANT, REVOKE, DENY statements can be executed to assign permissions to database objects for users and roles in the database.
  • Several database roles permissions are implemented at different levels, have a quick look at the above picture.

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

Geo-Replication in SQL Azure Database

Geo-Replication in SQL Azure Database Geo-Replication  is one of the Azure SQL features which allows making 3 readable replicas to your database in same or different data centers. Geo-Replication option is available for all databases and service tiers in all region. If it is enabled, the application initiates to a secondary database. we will review how to set up Geo-Replication on Azure SQL databases. Geo-Replication is an Azure SQL database feature that allows you to create a readable secondary database in the same region or cross-region. We can failover to the secondary database in case of an outage for a long time on the primary database server. We can also use this feature to migrate a database from one server to another server in the same or cross region with minimal downtime. Geo-replication uses the Always-on feature to replicate committed transactions to the secondary database asynchronously. Select the database, Click on 'Geo Replication' in left hand...
Post a Comment
Read more

Azure SQL Databases - Architecture

Azure SQL Databases - Architecture You 'll be having an Azure subscription as the top layer in which you have a resource group. Within the resource group, you'll be having the server instances and databases. On top of the SQL database server, it contains the master database and isolated users database. PowerShell commands The PowerShell commands to deploy the Azure SQL database are: To build a SQL server:         $sqlServer = New-AzureRmSqlServer -ServerName $sqlServerName -SqlAdministratorCredentials $creds -Location $sqlServerLocation -ResourceGroupName $resourceGroupName -ServerVersion $sqlServerVersion To Create an empty database in the server: $CurrentDatabase = New-AzureRmSqlDatabase -ResourceGroupName $resourceGroupName -ServerName $sqlServerName -DatabaseName $databaseName -Edition $databaseEdition -RequestServiceObjectiveName $databaseServiceLevel Database Tiers There are different tiers in SQL Databases offere...
Post a Comment
Read more

Troubleshooting transient connection errors to Azure SQL Database

Troubleshooting transient connection errors to Azure SQL Database Dear friends, I'm Yogesh. At my work place, I have faced these type of issues at times.  Let us understand what is this transient error?  A transient error has an underlying cause that soon resolves itself. It causes occasionally is when the Azure system quickly shifts hardware resources to better load-balance various workloads. Most of these reconfiguration events finish in less than 60 seconds.  During this reconfiguration time span, you might have connectivity issues to SQL Database.  To handle them, implement retry logic in their code instead of surfacing them to users as application errors. If your client program uses ADO.NET, your program is told about the transient error by the throw of  SqlException . What is the solution? Can Retry logic works? When your program communicates with SQL Database through third-party middleware, ask the vendor whether the middle ware contain...
Post a Comment
Read more