Communities
A collaborative platform to connect and grow with like-minded Informaticans across the globe
Product Communities
Connect and collaborate with Informatica experts and champions
Discussions
Have a question? Start a Discussion and get immediate answers you are looking for
User Groups
Customer-organized groups that meet online and in-person. Join today to network, share ideas, and get tips on how to get the most out of Informatica
Get Started
Community Guidelines
Knowledge Center
Troubleshooting documents, product guides, how to videos, best practices, and more
Knowledge Base
One-stop self-service portal for solutions, FAQs, Whitepapers, How Tos, Videos, and more
Support TV
Video channel for step-by-step instructions to use our products, best practices, troubleshooting tips, and much more
Documentation
Information library of the latest product documents
Velocity (Best Practices)
Best practices and use cases from the Implementation team
Learn
Rich resources to help you leverage full capabilities of our products
Trainings
Role-based training programs for the best ROI
Certifications
Get certified on Informatica products. Free, Foundation, or Professional
Product Learning Paths
Free and unlimited modules based on your expertise level and journey
Resources
Library of content to help you leverage the best of Informatica products
Tech Tuesdays Webinars
Most popular webinars on product architecture, best practices, and more
Product Availability Matrix
Product Availability Matrix statements of Informatica products
SupportFlash
Monthly support newsletter
Support Documents
Informatica Support Guide and Statements, Quick Start Guides, and Cloud Product Description Schedule
Product Lifecycle
End of Life statements of Informatica products
Ideas
Events
Change Request Tracking
Marketplace
English
  • Data Integration Connectors
  • All Products

Table of Contents

Search

  1. Preface
  2. Introduction to Microsoft Azure Synapse SQL Connector
  3. Connections for Microsoft Azure Synapse SQL
  4. Mappings for Microsoft Azure Synapse SQL
  5. Upgrading to Microsoft Azure Synapse SQL Connector
  6. Migrating a mapping
  7. SQL ELT optimization
  8. Data type reference
  9. Troubleshooting

Microsoft Azure Synapse SQL Connector

Microsoft Azure Synapse SQL Connector

Back Next

Verify permissions

Verify permissions

Permissions define the level of access for the operations that you can perform in Microsoft Azure Synapse SQL.
You must verify the following permissions:
  • Ensure that a default schema is present at the account level or user or group level in
    Microsoft Azure Synapse SQL
    .
  • Verify that either the
    db_owner
     privilege or the following more granular privileges are granted to the user to connect to
    Microsoft Azure Synapse SQL
     and perform operations successfully:
    • EXEC sp_addrolemember 'db_datareader', '<user>';
       // Alternately assign permission to the individual table.
    • EXEC sp_addrolemember 'db_datawriter', '<user>';
       // Alternately assign permission to the individual table.
    • GRANT ALTER ANY EXTERNAL DATA SOURCE TO <user>;
    • GRANT ALTER ANY EXTERNAL FILE FORMAT TO <user>;
    • GRANT CONTROL TO <user>;
       // To grant all permissions on the database.
      or
      GRANT ALTER ANY SCHEMA TO <user>;
      // To grant permissions only on the schema.
    • GRANT CREATE TABLE TO <user>;
    • Assign required privileges for tasks performed through Pre-SQL and Post-SQL commands.
  • If you configure the staging schema name in the connection properties, ensure the following additional privileges are granted to the user:
    • ALTER ROLE db_datareader ADD MEMBER <user>;
    • GRANT ALTER ANY EXTERNAL DATA SOURCE TO <user>;
    • GRANT ALTER ANY EXTERNAL FILE FORMAT TO <user>;
    • GRANT CREATE TABLE TO <user>;
    • GRANT ALTER ON SCHEMA::<staging_schema_name> TO <user>;
      // Ensures this user does not have access to create or drop an external table in another schema.
    • GRANT REFERENCES ON DATABASE SCOPED CREDENTIAL::<db_credential_name> TO <user>;
      // Ensures this user does not have access to drop the credentials.
      For example,
      GRANT REFERENCES ON DATABASE SCOPED CREDENTIAL::db_creds1 TO srvls;
  • If you have the ALTER ANY SCHEMA permissions, you must create the Master Key, Database Scoped Credential, and External Data Source in Microsoft Azure Synapse SQL that require the CONTROL permission on the database and specify the external data source when you create a connection.
    Also, Microsoft Azure Synapse SQL Connector does not delete the Database Scoped Credential and External Data Source. You must manually delete the Database Scoped Credential and External Data Source.
  • When you use managed identity authentication to connect to Microsoft Azure Synapse SQL, grant permissions to the virtual machine and user identity. For example,
    GRANT CONTROL TO <virtual machine name>;
     and
    GRANT CONTROL TO <user identity name>;
0 COMMENTS
We’d like to hear from you!