How to Managing SQL Server Permissions in Azure

Tanveer Ahmed 1 Reputation point

A deny will override a grant. This means that if a user is denied permission they cannot inherit a grant from another source


Azure SQL Edge
Azure SQL Edge
An Azure service that provides a small-footprint, edge-optimized data engine with built-in artificial intelligence. Previously known as Azure SQL Database Edge.
46 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Anurag Sharma 17,581 Reputation points

    Hi @Tanveer Ahmed , welcome to Microsoft Q&A forum.

    To understand the statement provided above, lets take an example. Suppose we have created a login and corresponding user, and then created a role which has select permission on the database. We map the user to this role, which provides the user select permission to the database. Now instead of providing deny to role we created, we directly provide deny to the user, then user will not have permission to the database anymore.

    if we do the other way round, like providing the deny permission on the role and then map the role with user, and then provide grant to the user again. Then also Deny will override grant and user would not have permission to the database.

    You can refer to below example for this details:

    Deny and Grant

    Please let us know if this is your query or else we can discuss further on the same.