Summary
Azure SQL Database has several authentication and authorization options which are different from the options in SQL Server. This is because Azure SQL Database and Azure SQL Managed Instance rely on Microsoft Entra ID instead of Windows Server Active Directory.
This module explored the practices of granting permissions and what the various permissions do within a database. This module also explored the concept of “least privilege”. While the built-in roles in SQL Server and other database engines provide broad brushes of security privileges, many applications need more granular security on database objects.
Now that you've reviewed this module, you should be able to:
- Describe the differences between Active Directory and Microsoft Entra ID
- Explain authentication Options for Azure SQL Database
- Describe security principals
- Explain object permissions
- Identify authentication and authorization failures