I'm a junior DBA. I want to create a SQL Server login that can access all databases, take backups, read tables, and update table values.
I thought of giving that login processAdmin
as server role and db_backupoperator
as database role:
processadmin server role can manage the processes running in SQL Server and execute query
The members of db_backupoperator database role can back up the database
I'm expecting this login should only able to read and update tables via queries and take backups of databases before update.
I don't want this login to drop any table or delete any database or restart SQL Server itself or assign any roles to others.
Are these the proper roles to accomplish my stated goal?
processadmin
definition. When I look at the docs (even as far back as 2016), it saysMembers of the processadmin fixed server role can end processes that are running in an instance of SQL Server.
Which basically meansKILL
.