What's the "master" database in SQL Azure for? I just created a subscription and once I created a "new SQL Server" I immediately got "master" database with 1GB size. That database can't be deleted - "delete" button is not active in the management portal.
When I tried to deploy a .dbproj project there Visual Studio said it "couldn't deploy to a system database".
Can I use that database for storing my data? Do I create a new database instead?
Just a note: you will not be charged for the master DB.
master is a required system database that's responsible for holding info about all the the other database on the server instance, system metrics/config, managing logins & database creation etc, its read-only and can't be removed.
You will need to create a new database and deploy to that.
The master database records all the system-level information for a SQL Server system. This includes instance-wide metadata such as logon accounts, endpoints, linked servers, and system configuration settings
Related
I have created a PostgreSQL database on Heroku. I have downloaded pgAdmin 4 on my macOS machine and I was able to connect pgAdmin to my remote Heroku database server instance I have just created. But now I can't do anything:
The option to create a new database is disabled for me (Object -> Create -> Database)
When I extend the databases node, I can't see the database name created in Heroku. But I see a long list of database names for which I don't have access rights
Finally I can't write any SQL scripts; the SQL editor is read-only.
Basically I can't do nothing apart from starting the pgAdmin application.
I suppose it is a matter of my user privilege. But how can I change my user privilege if the SQL editor is read-only?
You won't be able to create a database on Heroku Postgres with pgAdmin.
When you provision a database on Heroku Postgres you are given a single database, not administrative access to the whole server:
As part of the provisioning process, a DATABASE_URL config var is added to your app’s configuration. This contains the URL your app uses to access the database
You can connect to that existing database with pgAdmin, but you won't be able to create another database. The value of DATABASE_URL is a standard URI that will look something like
postgres://user:password#host:port/database
Feel free to pull individual values out of the DATABASE_URL and use them in pgAdmin.
I'm using the Telegraf input plugin for SQL Server (https://github.com/influxdata/telegraf/tree/master/plugins/inputs/sqlserver) to gather metrics and report to InfluxDB. It works well for SQL Server, but though it supports Azure SQL Database the documentation is a bit sparse.
The database user should be created like this:
CREATE LOGIN [telegraf] WITH PASSWORD = N'password';
GRANT VIEW SERVER STATE TO [telegraf];
GRANT VIEW ANY DEFINITION TO [telegraf];
That works on SQL Server, but in Azure it fails:
Securable class 'server' not supported in this version of SQL Server.
I wonder what I need to grant instead in order to solve this in the best possible way. We have a large number of databases running on the same server in an elastic pool, so if it is possible I would like to use a single user that logs in to the master and collects metrics for all the databases at once (the way it works with SQL Server). If that is impossible I can configure multiple logins and process one database at a time.
Perhaps I can grant VIEW DEFINITION at the database level, but VIEW SERVER STATE does not seem to be supported at all.
So, how should I configure the SQL Database login(s) for Telegraf with the SQL Server plugin to make it work?
EDIT:
Running as the super user for the server works without errors, but only produces metrics for master and tempdb. I need metrics for the many application databases and they are missing. Plus running as the super user is less than ideal.
Running as the super user for the server but connecting to a specific application database (add database in connection string) crashes with a nil pointer dereference and the log complains about VIEW DATABASE STATE permission denied in database master (the super user has access, but apparently not when connecting to a spefic database).
Granting VIEW DATABASE and VIEW DEFINITION to telegraf in an application database and connecting directly to that database as telegraf crashes with a nil pointer dereference and the log says the connection was closed.
EDIT 2:
Created bug report https://github.com/influxdata/telegraf/issues/4222.
EDIT 3:
As of the latest release the plugin works if the server admin account is used, so the issue has been solved. There is still no way to run with a less privileged account in Azure DB.
The answer:
GRANT VIEW SERVER STATE is not supported in Azure SQL Database.
On SQL Database Premium Tiers requires the VIEW DATABASE STATE
permission in the database. Permissions can not be granted in Master,
but the views can be queried in user databases. On SQL Database
Standard and Basic Tiers requires the SQL Database server admin
account due to security requirements following from multi tenancy of
those tiers.
Reason:
SQL Azure SQL is PaaS solution, therefore the most "server" specific features, DMVs, settings are blocked by purpose
References:
Grant View Server State - is it possible for a none SA user to have in Azure SQL?
SQL Azure VIEW DATABASE STATE permission denied in database 'master'
Possible workaround: (which is, anyway does not work in ewramner case)
CREATE LOGIN [telegraf] WITH PASSWORD = N'password';
USE [yourDB]
GRANT VIEW DEFINITION TO [telegraf];
GRANT VIEW DATABASE STATE TO [telegraf];
Therefore, (IMHO), there is no way to make such application working in SQL Azure without changing application code
I read this article: https://msdn.microsoft.com/en-us/library/azure/ee336235.aspx
I don't know how to connect to the master database. I don't see it anywhere on the portals.
I want to be able to manage which credentials have access to which db and at which level. Preferably using a GUI.
There are a couple of ways to manage credentials in Azure SQL DB.
The simplest is to use the GUI in the NEW azure portal (https://portal.azure.com/) -- open the SQL Database server of interest and manage access using the "Roles" and "Users" options in the "Access" group at the bottom of your Server pane.
You can also connect to the Server using Visual Studio (SQL Server Data Tools add-in). Open Visual Studio and under VIEW, select SQL Server Object Explorer. You can add the Azure DB server to that tree, you will have an option of connecting to the "Master" database (under System Databases) and running SQL commands to create users, or graphically add new users under Master > Security > Users. Once the user is created, logins can be created and then individual database permissions added.
I publish my SQL Server database on my local machine to Azure via Management Studio.
Say I name the database on Azure "California". The first time I do it its ok.
Then I made changes on my database on local, adding columns, adding data, etc. Then I want to deploy this database to Azure again.
But now Management Studio won't let me do it. It says database "California" already exists on Azure.
I can get away with this problem by deleting existing "California" on Azure first, then deploy again. But this seems not correct...Every time I make database changes on local, I need to delete the one on Azure before I deploy?
Does anyone know how to solve this problem?
The best way is to create a database project in Visual Studio to maintain your database schema and then you can do a database compare to create a script to update the database on Azure.
http://weblogs.asp.net/gunnarpeipman/archive/2013/01/28/using-visual-studio-database-projects-in-real-life.aspx
RedGate Schema Compare will also do a similar thing.
Update Jan 2020
(I'm assuming the question is to update the schema on Azure, not update data)
If you are using Code First for creating your database. Then it is really simple.
Assuming your connection string is pointing to a local database (the one you want to update to Azure)
Make the changes to your entities
Create a new migration for those changed (Add-Migration etc)
Update the migrations to your local database.
Now just change the connection string to point to your Azure database
Update the migrations again, which will now update to the Azure database
Voila! That simple
I know its been a while since the question was asked, however, there is no accepted answer. Thus to aid anyone coming here with a similar issue the following link describes a number of methods.
I prefer deploying a SqlDb from SQL Management Studio
http://azure.microsoft.com/en-us/documentation/articles/sql-database-deploy/
How to: Deploy to SQL Database
In Management Studio, connect to an on-premises SQL Server instance that has a database you want to migrate.
1) Right-click the database --> Tasks and click Deploy Database to SQL Azure.
2) In Deployment Settings, enter a name for the database.
3) Click Connect.
4) In Server name, enter the 10-character server name, followed by .database.windows.net.
5) In Authentication, choose SQL Server Authentication.
6) Enter the administrator login name and password that you provisioned when creating the SQL Database logical server.
7) Click Options.
8) In Connection Properties, in Connect to database, type master.
9) Click Connect. This step concludes the connection specification and takes you back to the wizard.
10) Click Next and click Finish to run the wizard.
If you are using SQL 2012, you can export a data tier application (bacpac) file, then import that when you login to your SQL Azure instance.
I want to manage permissions and access to a SQL Server database server on a development machine. I've created a local windows group (called DBReaderGroup) and assigned various people to it. The group was created as a SQL Server login successfully:
create login [MYMACHINE\DBReaderGroup] from windows
My goal is to grant this group read/write access to all databases (which are constantly being added and dropped). Is it possible to configure the right settings so that SQL Server manages this?
My biggest challenge is that each time a db is created, I have to update the "User Mapping" settings for this group on the new database.
Am I missing something simple?
Add the login to the Model database in the db_datawriter role, and any new database will give that login full write access by default. This won't work, however, if the databases being added are from other sources (ie restored versions).