Allow user to GRANT certain permissions to others
https://dba.stackexchange.com/questions/285285
-
15-03-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have tried googling this but may well be using the wrong terms... permissions and the like aren't my strong point.
What I want to do is first create a role - eg 'Snr_Analyst' - with certain permissions to read everything, and alter particular schemas in a database. That bit I can do.
I also want that role to be able to grant read permissions on everything in that database to any other user, but not to grant any higher permissions.
Is this possible?
I'm currently using SQL Server 2014.
Solution
you can use GRANT ... WITH GRANT OPTION.
https://docs.microsoft.com/en-us/sql/t-sql/statements/grant-transact-sql?view=sql-server-ver15
this option specifies that the security principal receiving the permission is given the ability to grant the specified permission to other security accounts.
