Im trying to create single Role to do the below. Can some one help me if possible. I need a role to do the below. Reading tables,Creating tables,Dropping tables,Reading views,Executing Stored Procedures,Executing Functions But also want this role to prohibit: Creating, altering or dropping stored procedures and Creating, altering or dropping functions Any thoughts. How can i acheive this?
I would add the role to the following database roles: db_datareader db_ddl_admin GRANT EXECUTE to role DENY CREATE PROCEDURE DENY ALTER PROCEDURE DENY DROP PROCEDURE DENY CREATE FUNCTION DENY ALTER FUNCTION DENY DROP FUNCTION I Think that would do the trick.