An interesting new tool (in preview) added to Azure SQL database. Now Azure portal provides flexibility to query azure sql database from a browser!! Interesting! you can simply connect to Azure portal from any browser, view the database and then launch this tool to get connected to the database. When you are in support this is nice to have feature. If you are not in front of your system you can connect to the database to perform health, connectivity check etc.
There are few good things about this tool. Result pane works similar to SSMS, it allows to split query window and result window even to a full page. The next good one is it allows to search (case sensitive) the result set across all the columns which I don’t find even in SSMS grid mode.
In my case my ID is part of AAD group so it authenticates automatically with my id and connects to the database.
As of now it supports most of the commands. Don’t expect intellisense 🙂
Minimum permissions required to access this tool is as below.
This tool requires “Allow Azure Services” firewall rule to be turned on or else it will fail to connect and end up with the below error. By default this firewall rule is turned on however if you turned off for security reasons then this tool won’t work.
Most of the organizations follow security standards and they don’t want the infrastructure folks to access their database content especially if the database has PCI data. Lets assume a scenario, as part of security standards the Azure co-administrators don’t have access to SQL Server so they cant connect to the database. However this tool allows co-administrators (even if someone compromises co-admin access) to change the Azure active directory administrator to their name or to a group and they can gain access instantaneously to the database, pull the required data. Once they are done obtaining the data they can revert back to the actual AAD admin which will go unnoticed (unless an auditing is in place and a review is done periodically). I felt this might be a possible security threat.