You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Lists all database and server principals created from Microsoft Entra ID (formerly Azure Active Directory), joined with roles, joined with their data actions.
Note
This view returns one record per assignment. If the same action has been assigned at multiple scopes (like via different role-assignments or different scopes), there will be multiple rows with the same action name in the result set.
Column name
Data type
Description
principal_sid
varbinary(85)
SID (Security-IDentifier) of the principal.
principal_aad_object_id
nvarchar(36)
Microsoft Entra Object ID of the principal. Is unique within an Azure tenant.
action_type
nvarchar(256)
The type of an operation: Connect, Select.
action_namespace
nvarchar(20)
The path or namespace on which the action type part applies to.
role_name
nvarchar(128)
ID for joining with other dynamic management views.
role_guid
nvarchar(128)
The role name as defined in external policy source. Has to be unique.
policy_guid
nvarchar(128)
Unique identifier of the policy that defines this assignment.
role_assignment_scope
nvarchar(4000)
The hierarchical representation of the resource(s) that this assignment applies to.
role_assignment_type
int
Type of the assignment: 1, 2
role_assignment_type_desc
nvarchar(5)
Type of the assignment description: Allow, Deny
Permissions
Principals must have the VIEW SERVER SECURITY STATE permission.