I am developing a background worker that moves database between pools, create a pool, delete a pool, etc. I couldn't find in Microsoft document what the minimum required access to do such tasks? Admin to Azure SQL Server, Contributor or anything? I also read both server and database statistics from sys.* databases.
Asked
Active
Viewed 266 times
1
Dan Hunex
- 5,172
- 2
- 27
- 38
1 Answers
1
You need atleat Contributor role to perform create, delete, move, etc. related task.
A Contributor role allow to Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries.
Please refer https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#contributor for more details.
To read data from system tables make sure you have required role assigned on database level, e.g., db_datareader role.
Utkarsh Pal
- 4,079
- 1
- 5
- 14