Подключиться
Yandex Managed Service for SQL Server™

Method create

Статья создана

Creates an SQL Server user in the specified cluster.

HTTP request

POST https://mdb.api.cloud.yandex.net/mdb/sqlserver/v1/clusters/{clusterId}/users

Path parameters

Parameter Description
clusterId Required. ID of the SQL Server cluster to create a user for. To get the cluster ID, use a list request. The maximum string length in characters is 50.

Body parameters

{
  "userSpec": {
    "name": "string",
    "password": "string",
    "permissions": [
      {
        "databaseName": "string",
        "roles": [
          "string"
        ]
      }
    ]
  }
}
Field Description
userSpec object

Required. Properties of the user to be created.
userSpec.
name		 string

Required. Name of the SQL Server user.

The maximum string length in characters is 32. Value must match the regular expression [a-zA-Z0-9_]*.
userSpec.
password		 string

Required. Password of the SQL Server user.

The string length in characters must be 8-128.
userSpec.
permissions[]		 object

Set of permissions to grant to the user.
userSpec.
permissions[].
databaseName		 string

Name of the database the permission grants access to.
userSpec.
permissions[].
roles[]		 string
  • DB_OWNER: Members of this fixed database role can perform all configuration and maintenance activities on the database, and can also drop the database in SQL Server.
  • DB_SECURITYADMIN: Members of this fixed database role can modify role membership for custom roles only and manage permissions. They can potentially elevate their privileges and their actions should be monitored.
  • DB_ACCESSADMIN: Members of this fixed database role can add or remove access to the database for Windows logins, Windows groups, and SQL Server logins.
  • DB_BACKUPOPERATOR: Members of this fixed database role can back up the database.
  • DB_DDLADMIN: Members of this fixed database role can run any Data Definition Language (DDL) command in a database.
  • DB_DATAWRITER: Members of this fixed database role can add, delete, or change data in all user tables.
  • DB_DATAREADER: Members of this fixed database role can read all data from all user tables.
  • DB_DENYDATAWRITER: Members of this fixed database role cannot add, modify, or delete any data in the user tables within a database. Denial has a higher priority than a grant, so you can use this role to quickly restrict one's privileges without explicitly revoking permissions or roles.
  • DB_DENYDATAREADER: Members of this fixed database role cannot read any data in the user tables within a database. Denial has a higher priority than a grant, so you can use this role to quickly restrict one's privileges without explicitly revoking permissions or roles.

Response

HTTP Code: 200 - OK

{
  "id": "string",
  "description": "string",
  "createdAt": "string",
  "createdBy": "string",
  "modifiedAt": "string",
  "done": true,
  "metadata": "object",

  //  includes only one of the fields `error`, `response`
  "error": {
    "code": "integer",
    "message": "string",
    "details": [
      "object"
    ]
  },
  "response": "object",
  // end of the list of possible fields

}

An Operation resource. For more information, see Operation.

Field Description
id string

ID of the operation.
description string

Description of the operation. 0-256 characters long.
createdAt string (date-time)

Creation timestamp.

String in RFC3339 text format.
createdBy string

ID of the user or service account who initiated the operation.
modifiedAt string (date-time)

The time when the Operation resource was last modified.

String in RFC3339 text format.
done boolean (boolean)

If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata object

Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
error object
The error result of the operation in case of failure or cancellation.
includes only one of the fields error, response

The error result of the operation in case of failure or cancellation.
error.
code		 integer (int32)

Error code. An enum value of google.rpc.Code.
error.
message		 string

An error message.
error.
details[]		 object

A list of messages that carry the error details.
response object
includes only one of the fields error, response

The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty. If the original method is the standard Create/Update, the response should be the target resource of the operation. Any method that returns a long-running operation should document the response type, if any.
В этой статье: