Configure and manage Azure AD authentication with Azure SQL
Identifying who accessed Azure SQL using audit logs
Azure Active Directory authentication
Azure SQL Database Authentication and Auditing Other Options for SQL Database
Authentication and authorization
Authentication is the process of proving the user is who they claim to be. A user connects to a database using a user account. When a user attempts to connect to a database, they provide a user account and authentication information. The user is authenticated using one of the following two authentication methods:
SQL authentication.
With this authentication method, the user submits a user account name and associated password to establish a connection. This password is stored in the master database for user accounts linked to a login or stored in the database containing the user accounts not linked to a login.
Azure Active Directory Authentication
With this authentication method, the user submits a user account name and requests that the service use the credential information stored in Azure Active Directory (Azure AD).
Logins and users: A user account in a database can be associated with a login that is stored in the master database or can be a user name that is stored in an individual database.
A login is an individual account in the master database, to which a user account in one or more databases can be linked. With a login, the credential information for the user account is stored with the login.
A user account is an individual account in any database that may be, but does not have to be, linked to a login. With a user account that is not linked to a login, the credential information is stored with the user account.
Authorization to access data and perform various actions are managed using database roles and explicit permissions. Authorization refers to the permissions assigned to a user, and determines what that user is allowed to do. Authorization is controlled by your user account's database role memberships and object-level permissions. As a best practice, you should grant users the least privileges necessary.
#PaddyMaddy #cloudComputing #azuretutorial #microsoftazuretutorialforbeginners #azureforbeginners #azurebasics #microsoftazuretraining #Az900 #AZ500, #microsoftazurecertification, #AZ303 #az300 #az104 #paddyMaddy #azuretraining
