sys.dm_server_external_policy_role_members (Transact-SQL)

Applies to: SQL Server 2022 (16.x) Azure SQL Database

Lists all database and server principals created from Microsoft Entra ID (formerly Azure Active Directory) assigned to a given role on a given resource scope.

Column name	Data type	Description
principal_aad_object_id	int	Microsoft Entra Object ID of the principal. Is unique within an Azure tenant.
role_guid	nvarchar(36)	The role name as defined in external policy source.
action_type	nvarchar(128)	The type of an operation: Connect, Select.
policy_guid	nvarchar(128)	Unique identifier of the policy that defines this assignment.
assignment_scope	nvarchar(4000)	The hierarchical representation of the resource(s) that this assignment applies to.
assignment_type	int	Type of the assignment: 1, 2
assignment_type_desc	nvarchar(5)	Type of the assignment description: Allow, Deny

Permissions

Principals must have the VIEW SERVER SECURITY STATE permission.

See also

sys.dm_server_external_policy_principal_assigned_actions (Transact-SQL)

• Provision access by data owner for Azure SQL Database

• Provision access by data owner for SQL Server on Azure Arc-enabled servers