Those principals listed on the Principal column are part of the fixed database roles listed on the Role column. Make sure they need those permissions, if they do then accept them as baseline. However, what the rule wants you to do is try to create custom roles on Azure SQL and use custom roles to give those principals only the permissions required for the tasks they need to perform instead of adding them to fixed roles.
VA2108 - Minimal set of principals should be members of fixed high impact database roles
Mudassir Shariff
0
Reputation points
Hi Everyone,
I need some help resolving the following error's I am noticing in the attached screenshot below, can someone help me here? what does not in a baseline mean?
2 answers
Sort by: Most helpful
-
-
GeethaThatipatri-MSFT 29,532 Reputation points Microsoft Employee
2023-09-07T15:41:45.35+00:00 Hi, @09574923 Thanks for posting your question in the Microsoft Q&A forum.
Adding to @Alberto Morillo These are not errors, these are the vulnerabilities that were found in rule VA2108. Please read our documentation about baselines and vulnerabilities remediation.
Regards
Geetha