Skip to content

Get-AZanushka/SQL-Temp-Roles

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
LICENSE
LICENSE
 
 
New-SQLAzureUser.ps1
New-SQLAzureUser.ps1
 
 
README.md
README.md
 
 
Remove-SQLAzureUser.ps1
Remove-SQLAzureUser.ps1
 
 

Repository files navigation

SQL Temporary Access

Customer request was to have a mechanism to provide Azure AD users temporary access to databases, in the case of support requests, application development, etc. The following solution uses a Logic App that is triggered by a new Microsoft Form response, where the user to request access. The Logic App connects to two Azure Automation runbooks to give access to the requested user, then remove access after the specified length of time.

Deployment Steps

  1. Create a Microsoft Form to gather request information image

  2. Create an Azure Automation account with Run As account (service principal)

  3. Give Service Principal Azure AD Admin permissions to SQL Server

  4. Add runbooks from this repo to Azure Automation account
    Provide access
    Remove access

  5. Create Logic App

Overview

image

Trigger using Form

image

Run Azure Automation runbook to provide access

image

Run Azure Automation runbook with specified delay to remove access

image

About

No description, website, or topics provided.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages