Below is a script you can modify to create a Login for an Azure SQL Server instance along with Users from that Login within databases.
To use the script don’t execute it all at once.
Execute the script in stages:
Section 1 & 2 can be executed together.
Section 3 requires you to switch to the target database.
Section 4 relates to limiting data access to a particular role or schema.
/* Find & replace the following with a login name and user name */ /* ServerLogin DbUser */ /* 1: Create SQL Login on master database (connect with admin account to master database) */ CREATE LOGIN ServerLogin WITH PASSWORD = '<strong_password>'; /*2: Create SQL User on the master database (this is necessary for login attempt to the <default> database, as with Azure SQL you cannot set the DEFAULT_DATABASE property of the login so it always will be [master] database.) */ CREATE USER DbUser FROM LOGIN ServerLogin; /***************************/ /*SWITCH TO TARGET DATABASE*/ /***************************/ /* 3: Create SQL User on the user database (connect with admin account to user database) */ CREATE USER DbUser FROM LOGIN ServerLogin; /*************************/ /*SECURITY CONSIDERATIONS*/ /*************************/ /*Set up role example*/ /*4. Grant permissions to the user by assigning them to a database role*/ ALTER ROLE db_datareader ADD MEMBER DbUser; /*Limit access to schema*/ /*Or instead of step four you can use the below:*/ GRANT SELECT ON SCHEMA::schemaName TO DbUser;
Tidbytez 