Bewerken

Delen via


sys.dm_server_external_policy_principal_assigned_actions (Transact-SQL)

Applies to: SQL Server 2022 (16.x) Azure SQL Database

Lists all database and server principals created from Microsoft Entra ID (formerly Azure Active Directory), joined with roles, joined with their data actions.

Note

This view returns one record per assignment. If the same action has been assigned at multiple scopes (like via different role-assignments or different scopes), there will be multiple rows with the same action name in the result set.

Column name Data type Description
principal_sid varbinary(85) SID (Security-IDentifier) of the principal.
principal_aad_object_id nvarchar(36) Microsoft Entra Object ID of the principal. Is unique within an Azure tenant.
action_type nvarchar(256) The type of an operation: Connect, Select.
action_namespace nvarchar(20) The path or namespace on which the action type part applies to.
role_name nvarchar(128) ID for joining with other dynamic management views.
role_guid nvarchar(128) The role name as defined in external policy source. Has to be unique.
policy_guid nvarchar(128) Unique identifier of the policy that defines this assignment.
role_assignment_scope nvarchar(4000) The hierarchical representation of the resource(s) that this assignment applies to.
role_assignment_type int Type of the assignment: 1, 2
role_assignment_type_desc nvarchar(5) Type of the assignment description: Allow, Deny

Permissions

Principals must have the VIEW SERVER SECURITY STATE permission.

See also