Azure SQL Database Security
Azure
enables a different level of security measures for their customers at
both Server Level and Database Level.
Server Level means Azure SQL server level, not the subscription level,
the security features it includes are:
·
Access to the SQL database is restricted
to certain user roles.
·
Allows to set up Server firewall rules so that the
users with certain IP addresses are permitted to access the database and allowed to manage
the database.
·
Azure SQL databases uses logins at the
server level to authenticate user requests, it doesn't support windows
integrated authentication.
·
The master database roles have two
roles: loginmanager role (has permissions to create and manage logins), dbmanager role (has
permissions to create and manage databases).
At database
level some of the security features are:
- Extends access to client IP
addresses by allowing to add additional firewall rules for individual
databases.
- GRANT, REVOKE, DENY statements
can be executed to assign permissions to database objects for users and
roles in the database.
- Several
database roles permissions are implemented at different levels, have a
quick look at the above picture.
Comments
Post a Comment