The application - Do you understand the danger, and change permissions so "Schema Changes" can only be done by the "Schema Master"?

Updated by Brook Jeynes [SSW] 1 year ago. See history

123
<introEmbed body={<> Having many people in a company that are able to make schema changes, can only lead to big problems. This gets worse if the application is powerful (eg. enabled with [SSW SQL Deploy](https://sqldeploy.com/) that can make schema changes itself) can make schema changes. Let's see how to fix the issue: </>} />

To avoid this problem, only one person (the "Schema Master") or the release pipeline should have permissions to upgrade the database.

Image

Figure: The db_owner role is granted for one person only – the "Schema Master"

Image

Figure: And here is the "Schema Master" at SSW

Categories

Rules to Better SQL Server Schema Deployment

Acknowledgements

Adam Cogan
Related rules

Need help?

SSW Consulting has over 30 years of experience developing awesome software solutions.

We open source.Loving SSW Rules? Star us on GitHub. Star