question

sdoubleday avatar image
sdoubleday asked

Utility to script least permissions required to run script

Hello, I am looking for a utility (maybe in PowerShell?) to analyze a .sql file and a server to determine the least permissions, down at least to the table level, required to run that script (NOT scripting out permissions that exist for a user). My use case is: I have multiple .sql files defining objects I want created each time a reporting copy of a particular database is restored. I'd like to use an active directory account as a SQL Agent proxy to run the scripts, but I'd like to give that account only the permissions it needs to run the scripts, and I would rather not slog through all the files to figure out exactly what those permissions are. I'd also like to be able to swiftly rebuild those permissions if I add more files later. Ideally, it would export a series of GRANT statements. Has anyone come across such a utility? Thanks for your help.
powershellsql-securityleast-permission
2 comments
10 |1200 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

The only utility I know that does that is the MkI Eyeball attached to the version .5 (mine is still in beta testing) Brain. I've never seen a formula that determines least security needed.
2 Likes 2 ·
:-) that's what I was afraid of. Thanks all the same.
0 Likes 0 ·

0 Answers

· Write an Answer

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.