Fixed Roles
In Microsoft SQL Server, database roles are used to group and manage sets of database-level permissions. These roles help simplify the management of user access and permissions within a database. There are several predefined database roles available in SQL Server.
Here are some of the key database roles in SQL Server:
- db_owner: This role has the highest level of permissions within a database. Members of this role can perform all configuration and maintenance tasks, including creating and modifying objects, granting permissions, and managing database settings. By default, the user who creates the database becomes a member of this role.
- db_datareader: Members of this role have read access to all user tables in the database. They can execute SELECT statements and view data, but they cannot modify or delete data.
- db_datawriter: Members of this role have write access to all user tables in the database. They can perform INSERT, UPDATE, and DELETE operations on the data but cannot read the data using SELECT statements.
- db_executor: This role allows members to execute stored procedures, user-defined functions, and extended stored procedures in the database. They can run existing code but cannot modify or create new objects.
- db_ddladmin: Members of this role have permission to create, modify, and delete any objects within the database. They can perform Data Definition Language (DDL) operations, such as creating tables, views, and stored procedures.
- db_securityadmin: This role allows members to manage database-level security. They can grant, revoke, and deny permissions on various database objects. Members of this role can also reset passwords and manage roles.
- db_backupoperator: Members of this role can back up the database. They can perform tasks related to backup and restore operations but do not have access to the actual data.
- db_denydatareader and db_denydatawriter: These roles explicitly deny read and write access to all user tables, respectively. Members of these roles cannot perform any read or write operations on the data.
In the Nebula Framework, the Fixed Roles page allows an administrator to assign users to appropriate roles to manage security, enforce separation of duties, and control access to the database objects and data.
The page contains two grids: Roles (top) and Members (bottom).
Roles
The Roles grid is a read-only list of all existing database roles.
Selecting any record in the Roles grid will update the data in the Members grid (bottom).
The following fields are available:
| Field | Description |
| --- | --- |
| Security Role Id | A unique identifier for the role. |
| Role Name | The name of the role assigned by SQL Server. |
| Description | A brief description of the role. |
| Create Copy Of Existing Role | When checked, allows creating a copy of an existing role. |
| Existing Role | The name of the existing role assigned by SQL Server. |
| Database Name | The name of the database where the roles are created. |
| Role Type | SQL Server provides three types of roles you can use to restrict access to data in your database: server-level roles, database-level roles, and application-level roles. |
Members
The Members grid allows adding and removing users from roles.
The following fields are available:
| Field | Description |
| --- | --- |
| Role Name | The name of the role assigned by SQL Server. |
| Member Name | The name of the user. |
| Login Name | The login for the user. |
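
For reviewing role assignments outside the page, the following T-SQL query is an added example (not part of the Nebula Framework or the original documentation). It reads the standard SQL Server catalog views and returns the same Role Name, Member Name and Login Name columns as the Members grid, expanded to include membership inherited through nested roles. Which roles are flagged as high privilege is an assumption based on the role descriptions above.

```sql
-- Added example: effective role membership in the current database.
-- Run in the database you want to review.
WITH effective AS (
    -- Direct memberships: member -> role
    SELECT drm.role_principal_id,
           drm.member_principal_id,
           0 AS depth
    FROM sys.database_role_members AS drm

    UNION ALL

    -- If role X (which the member holds) is itself a member of role Y,
    -- the member also holds role Y.
    SELECT drm.role_principal_id,
           e.member_principal_id,
           e.depth + 1
    FROM effective AS e
    JOIN sys.database_role_members AS drm
      ON drm.member_principal_id = e.role_principal_id
)
SELECT
    r.name       AS [Role Name],
    m.name       AS [Member Name],
    sp.name      AS [Login Name],       -- NULL when the user maps to no login
    MIN(e.depth) AS [Nesting Depth],    -- 0 = assigned directly to the role
    CASE
        -- Assumption: roles that can change objects, permissions or everything
        WHEN r.name IN (N'db_owner', N'db_securityadmin', N'db_ddladmin')
        THEN 1 ELSE 0
    END          AS [High Privilege]
FROM effective AS e
JOIN sys.database_principals AS r
  ON r.principal_id = e.role_principal_id
JOIN sys.database_principals AS m
  ON m.principal_id = e.member_principal_id
LEFT JOIN sys.server_principals AS sp
  ON sp.sid = m.sid                     -- map database user to server login
WHERE m.type <> 'R'                     -- list users, not the nested roles
GROUP BY r.name, m.name, sp.name
ORDER BY [High Privilege] DESC, [Role Name], [Member Name];
```

Rows with a Nesting Depth above 0 are memberships that a per-role member listing does not show directly, so they are worth checking when verifying separation of duties.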