In a prior blog, we announced the General Availability (GA) of the Microsoft Purview DevOps policies integration with SQL Server 2022 (Arc-enabled). Today, we are launching DevOps policies for Azure SQL Database into GA.
In a nutshell, you can use DevOps policies to provision access to database system metadata at-scale, securely and inexpensively. Who needs that access? Your internal IT/DevOps personnel or your external contractors that are tasked with monitoring health, tuning performance, and reviewing audit information in SQL systems.
With DevOps policies, you can now manage access to SQL Dynamic Management Views and Functions (DMVs and DMFs) from a central place in the cloud, in a simple experience that provides visibility on who has access to what. No need to directly connect to databases or to explicitly create logins or users on a server.
In the screenshot below, you see DevOps policies for Azure SQL Database, SQL Server 2022 (Arc-enabled), Azure SQL MI, and also on an entire Azure resource group.
Figure 1: Example of DevOps policies
The benefits of Microsoft Purview DevOps policies have been discussed in prior blogs. We link here them and a few more resources, to answer some common questions:
- What do you mean by "provision access" at-scale?
- How can DevOps policies help me enhance the security?
- How can I configure DevOps policies as an inexpensive solution?
- Can you quickly show me the experience?
- Can I see a quick demo video?
- I'd like to learn more. Can you point me to the documentation?
- I'd like to try this experience. How do I get started?
- Can you give me examples of what a user that is granted access as SQL Performance Monitor or as SQL ...
- How can I enroll in the private preview of DevOps policies for Azure SQL MI?
Thanks for reading!