In SQL Azure how can I create a read only user

Question

I would like to create an SQL Azure user and grant her read-only access on a handful of DBs, what script can I use to achieve this?

Answer 1

A pure TSQL script is super messy, SQL Azure disables the USE command, so you are stuck opening connections to each DB you need to give the user read access.

This is the gist of the pattern.

In Master DB:

CREATE LOGIN reader WITH password='YourPWD';
-- grant public master access
CREATE USER readerUser FROM LOGIN reader;

In each target DB (requires a separate connection)

CREATE USER readerUser FROM LOGIN reader;
EXEC sp_addrolemember 'db_datareader', 'readerUser';

Answer 2

You can create new user without creating login on master DB (which is require make a separate connection)

CREATE USER user1 WITH password='<Strong_Password>';

https://azure.microsoft.com/en-us/documentation/articles/sql-database-manage-logins/

Answer 3

OR... Use the Azure User Management console - AUMC to manage the Logins and Users.

It's a open source project available on codeplex AUMC.codeplex.com

Project Description

Azure User Management Console - AUMC is a User Graphic Interface (GUI) that manages the users and logins of an Azure SQL database. The tool is simply converting your action into T-SQL commands and execute them on the Azure SQL Database.

A quick simple tool with a user interface! Don

Enjoy!