Security Catalog Views (Transact-SQL)

THIS TOPIC APPLIES TO:yesSQL Server (starting with 2008)noAzure SQL DatabasenoAzure SQL Data Warehouse noParallel Data Warehouse

Security information is exposed in catalog views that are optimized for performance and utility. When possible, use the following catalog views to access catalog metadata.

Database-Level Views

sys.database_permissions sys.database_scoped_credentials
sys.database_principals sys.master_key_passwords
sys.database_role_members sys.user_token

Server-Level Views

sys.credentials sys.server_principals
sys.login_token sys.server_role_members
sys.securable_classes sys.sql_logins
sys.server_permissions sys.system_components_surface_area_configuration

Encryption Views

sys.asymmetric_keys sys.cryptographic_providers
sys.certificates sys.key_encryptions
sys.column_encryption_key_values sys.openkeys
sys.column_encryption_keys sys.security_policies (Transact-SQL)
sys.column_master_key_definitions sys.security_predicates (Transact-SQL)
sys.crypt_properties sys.symmetric_keys

SQL Server Audit Views

sys.server_audits sys.server_file_audits
sys.server_audit_specifications sys.server_audit_specifications_details
sys.database_ audit_specifications sys.audit_database_specification_details

Permissions

The visibility of the metadata in catalog views is limited to securables that a user either owns or on which the user has been granted some permission. For more information, see Metadata Visibility Configuration.

See Also

Security Center for SQL Server Database Engine and Azure SQL Database
Security-Related Dynamic Management Views and Functions (Transact-SQL)