Подключиться
Yandex Managed Service for SQL Server™

User

Статья создана

A set of methods for managing SQL Server users.

JSON Representation

{
  "name": "string",
  "clusterId": "string",
  "permissions": [
    {
      "databaseName": "string",
      "roles": [
        "string"
      ]
    }
  ]
}
Field Description
name string

Name of the SQL Server user.
clusterId string

ID of the SQL Server cluster the user belongs to.
permissions[] object

Set of permissions granted to the user.
permissions[].
databaseName		 string

Name of the database the permission grants access to.
permissions[].
roles[]		 string
  • DB_OWNER: Members of this fixed database role can perform all configuration and maintenance activities on the database, and can also drop the database in SQL Server.
  • DB_SECURITYADMIN: Members of this fixed database role can modify role membership for custom roles only and manage permissions. They can potentially elevate their privileges and their actions should be monitored.
  • DB_ACCESSADMIN: Members of this fixed database role can add or remove access to the database for Windows logins, Windows groups, and SQL Server logins.
  • DB_BACKUPOPERATOR: Members of this fixed database role can back up the database.
  • DB_DDLADMIN: Members of this fixed database role can run any Data Definition Language (DDL) command in a database.
  • DB_DATAWRITER: Members of this fixed database role can add, delete, or change data in all user tables.
  • DB_DATAREADER: Members of this fixed database role can read all data from all user tables.
  • DB_DENYDATAWRITER: Members of this fixed database role cannot add, modify, or delete any data in the user tables within a database. Denial has a higher priority than a grant, so you can use this role to quickly restrict one's privileges without explicitly revoking permissions or roles.
  • DB_DENYDATAREADER: Members of this fixed database role cannot read any data in the user tables within a database. Denial has a higher priority than a grant, so you can use this role to quickly restrict one's privileges without explicitly revoking permissions or roles.

Methods

Method Description
create Creates an SQL Server user in the specified cluster.
delete Deletes the specified SQL Server user.
get Returns the specified SQL Server user.
grantPermission Grants a permission to the specified SQL Server user.
list Retrieves a list of SQL Server users in the specified cluster.
revokePermission Revokes a permission from the specified SQL Server user.
update Modifies the specified SQL Server user.
В этой статье: