SQL Server RLS Database Users and Login User Permission

  • Please suggest practice on SQL Server RLS

    On the database level, defined users with different permission policy e.g **DB_User1, DB_User2, DB_User3, DB_User4 **

    When I create login User DB_User_manager How to specify that that use it can EXECUTE AS only DB_User3, DB_User4 and not DB_User1, DB_User2.

    Or if it is not possible, what is a better approach?

    I'd like to have control over EXECUTE AS (what user might be specified for particular login)

  • In detail explained here in this link.

    https://learn.microsoft.com/en-us/sql/relational-databases/security/row-level-security?view=sql-server-ver16

    =======================================================================

  • One approach to achieving control over EXECUTE AS for specific users in SQL Server is to implement Row-Level Security (RLS) on the database. This can be done by creating security policies for each user group and defining predicates to filter data. DB_User_manager can be granted permissions to execute stored procedures or functions that utilize RLS, but not modify the security policies, allowing control over which users it can execute as. The other approach would be just to bail on it and chill out. When there are too many tasks, databases and coding around me, I turn to my guilty pleasure - betting on horse racing. Unfortunately, it's a complicated task to find the bookmaker who still accepts such bets, but Legalbet saved me as they have special set of horse betting bookies https://legalbet.uk/betting-sites/sets/horse-racing/ . I know guys you all just love SQL, but don't forget to love youselves.

Viewing 3 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic. Login to reply