The Database Engine manages a hierarchical collection of entities that can be secured with permissions. These entities are known as securables. The most prominent securables are servers and databases, but discrete permissions can be set at a much finer level. SQL Server regulates the actions of principals on securables by verifying that they have been granted appropriate permissions.
The following illustration shows the relationships among the Database Engine permissions hierarchies.
The permissions system works the same in all versions of SQL Server, SQL Database, SQL database in Microsoft Fabric, Azure Synapse Analytics, Analytics Platform System, however some features are not available in all versions. For example, server-level permission cannot be configured in Azure products.
Permissions can be manipulated with the familiar Transact-SQL queries GRANT, DENY, and REVOKE. Information about permissions is visible in the sys.server_permissions and sys.database_permissions catalog views. There is also support for querying permissions information by using built-in functions.
Do you need to manage user access rights? In this learning path, you will learn how to manage permissions associated with environments and entities. You will also learn about different administrative portals and how to access each.
Administer an SQL Server database infrastructure for cloud, on-premises and hybrid relational databases using the Microsoft PaaS relational database offerings.
