sql server – How to prevent deletion of Azure SQL db in SSMS
We tried to follow this URL: protecting azure sql databases from accidental deletion, but it only prevents it from the Portal?
As per this Document,
While a delete lock on an Azure SQL database will prevent deletion operations through the Azure portal or other Azure tools,
It will not prevent a user with proper permissions on the SQL Server from deleting the database by executing a T-SQL command like “DROP DATABASE [DATABASENAME]” and through SSMS doesn’t know which azure locks applied on Azure SQL database it will delete the database.
If you want to prevent users from deleting Azure SQL databases through T-SQL commands,
- You can use role-based access control (RBAC) to restrict database permissions for specific users or groups.
- By granting only the necessary permissions to users, you can prevent accidental or intentional deletion of important databases.
—CONTROL
permission on the database
— OrALTER ANY DATABASE
— Or thedb_owner
role in the database.
mainly these permissions are required to delete database.
Thankfully, the server that the wiped database was on should have the ability to restore the deleted database.
Read more here: Source link