SQL Server recently introduced the ability to create custom server roles, in addition to database roles. Learn more in this video.
- [Instructor] So one of the ways to really hone in…on your permissions in SQL Server…is to focus on custom roles,…especially when you're developing a new application,…SQL Server offers a bunch of fixed roles…both at the server and the database level.…And I kinda like to shy away from those,…especially when I'm doing application development.…So things like db_owner…which gives complete and total control…over a complete database to the point…where a user can grant permissions…to that database to other users.…Not a good role.…Or even db_datareader which is another system defined role.…That allows reading on any table within a data.…
Typically I'd like to see my permissions…way more granular than that,…especially for an application.…I don't want a user to be able to access everything,…unless I want them to, and then I can grant them that role.…Here we're gonna talk about how to build…your own custom roles in SQL Server.…As you plan your data security strategy,…your best practice is gonna be to grant…the user the minimum possible permissions…
Author
Joey D'Antoni
Released
9/11/2018- Building secure applications in SQL Server
- Configuring authentication in Azure AD
- Assigning user roles and privileges
- Building custom roles
- Creating contained users
- Protecting SQL Server from injection
- Identifying vulnerabilities
- Writing strong procedures
- Checking inputs
- Using dynamic parameterization
- Encrypting network connections
- Securing linked servers
- Configuring firewalls
Skill Level Beginner
Duration
Views
-
Introduction
-
Course software1m 33s
-
1. Roles and Privileges in SQL Server
-
Logins and users3m 39s
-
Least privileges principal4m 20s
-
Roles in Azure SQL Database2m 45s
-
Demo: Contained users2m 22s
-
-
2. SQL Injection
-
Overview of SQL injection2m 44s
-
-
3. Securing Your Network
-
Network security3m 58s
-
TLS 1.0 vs. TLS 1.23m 12s
-
Linked server security3m 37s
-
Demo: Linked servers3m 32s
-
Azure SQL Database firewalls3m 56s
-
-
Conclusion
-
Next steps13s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Building custom roles in SQL Server