Do you have a comment or suggestion to improve SQL Server? We’d love to hear it!

← SQL Server

Allow signing Database DDL Triggers and Server DDL and Logon Triggers - ADD SIGNATURE

It is not currently possible to sign non-Schema-scoped Triggers. This means that Database-scoped DDL Triggers along with Server-scoped DDL Triggers and Logon Triggers cannot (easily) participate in all of the wonderful benefits of Module Signing. Yes, there are two works around -- use EXECUTE AS, and creating a stored procedure that the Trigger calls and passes the EVENTDATA() XML into -- but both are clunky: EXECUTE AS comes with a host of issues, and creating a stored procedure requires managing that object, and either granting EXECUTE to [public] on it or doing something else kinda silly with permissions.

This desire has come up in the following places:

1. Error Signing a DDL Trigger ( https://social.msdn.microsoft.com/Forums/sqlserver/en-US/1333eecd-4c66-43d4-ab8f-03511cad4174 ).

2. Signatures & Database Triggers ( https://www.sqlservercentral.com/Forums/Topic1201441-359-1.aspx ).

3. Auditing - sp_send_dbmail from server-level triggers failed ( http://dba.stackexchange.com/questions/161624/auditing-sp-send-dbmail-from-server-level-triggers-failed/161662#161662 ).

7 votes

Sign in

(thinking…)

Sign in with:

oidc

Forgot password?

Create a password

Signed in as (Sign out)

We’ll send you updates on this idea

AdminMicrosoft SQL Server (Product Manager, Microsoft Azure) shared this idea · January 19, 2017 · Flag idea as inappropriate… · Admin →

under review ·

AdminMicrosoft SQL Server (Product Manager, Microsoft Azure) responded · January 10, 2018

Upvotes: 7

1 comment

Add a comment…

Sign in

(thinking…)

Sign in with:

oidc

Forgot password?

Create a password

Signed in as (Sign out)

Submitting...

Solomon Rutzky commented · February 21, 2018 14:01 · Flag as inappropriate

I originally submitted this suggestion via:

https://connect.microsoft.com/SQLServer/feedback/details/3119169/allow-signing-database-ddl-triggers-and-server-ddl-and-logon-triggers-add-signature

SQL Server: Suggestions

Searching…

No results.
Clear search results

Give feedback
- (General Feedback) 3,499 ideas
- Additional Services 264 ideas
- Analytics Platform System 12 ideas
- API Apps 6 ideas
- API Management 411 ideas
- Application Insights 534 ideas
- Automation 393 ideas
- Azure Active Directory 3,055 ideas
- Azure Active Directory Application Requests 212 ideas
- Azure Advisor 14 ideas
- Azure Alert Management 65 ideas
- Azure Analysis Services 132 ideas
- Azure API for FHIR 0 ideas
- Azure App Configuration 9 ideas
- Azure Backup 388 ideas
- Azure Blockchain Service 2 ideas
- Azure Bot Service 57 ideas
- Azure Cloud Shell 282 ideas
- Azure Confidential Compute 1 idea
- Azure Container Instances 87 ideas
- Azure Container Registry 52 ideas
- Azure Cosmos DB 218 ideas
- Azure CycleCloud 1 idea
- Azure Data Explorer 42 ideas
- Azure Database for MariaDB 8 ideas
- Azure Database for MySQL 52 ideas
- Azure Database for PostgreSQL 83 ideas
- Azure Database Migration Service 31 ideas
- Azure Databricks 48 ideas
- Azure DDoS Protection 6 ideas
- Azure Digital Twins 20 ideas
- Azure Event Grid 46 ideas
- Azure Functions 139 ideas
- Azure Governance 77 ideas
- Azure Government 73 ideas
- Azure IoT 232 ideas
- Azure IoT Central 70 ideas
- Azure IoT Device Catalog 10 ideas
- Azure IoT Edge 59 ideas
- Azure IoT Solution Accelerators 24 ideas
- Azure Key Vault 98 ideas
- Azure Kinect DK 7 ideas
- Azure Kubernetes Service (AKS) 113 ideas
- Azure Management Groups 15 ideas
- Azure Maps 36 ideas
- Azure Marketplace 375 ideas
- Azure Media Services 203 ideas
- Azure Migrate 30 ideas
- Azure mobile app 218 ideas
- Azure Monitor 77 ideas
- Azure Pack 315 ideas
- Azure portal 1,790 ideas
- Azure Red Hat OpenShift 1 idea
- Azure Resource Manager 396 ideas
- Azure Search 219 ideas
- Azure Security Center 165 ideas
- Azure Sentinel 15 ideas
- Azure Service Health 14 ideas
- Azure SignalR Service 7 ideas
- Azure Spatial Anchors 15 ideas
- Azure Sphere 46 ideas
- Azure Stack 141 ideas
- Azure TCO Calculator 28 ideas
- Azure Time Series Insights 5 ideas
- Batch 42 ideas
- Batch AI 8 ideas
- Biztalk Services 23 ideas
- Blockchain 39 ideas
- Cache 49 ideas
- CDN 85 ideas
- Cloud Services (Web and Worker Role) 279 ideas
- Cost Management 165 ideas
- Customer Insights 13 ideas
- Customer Lockbox for Microsoft Azure 1 idea
- Data Catalog 121 ideas
- Data Factory 692 ideas
- Data Lake 333 ideas
- Data Science VM 19 ideas
- Diagnostics and Monitoring 185 ideas
- Event Hubs 16 ideas
- Global Infrastructure 36 ideas
- HDInsight 120 ideas
- Lab Services 226 ideas
- Log Analytics 885 ideas
- Logic Apps 1,245 ideas
- Machine Learning 50 ideas
- Mobile Engagement 19 ideas
- Networking 741 ideas
- Notification Hubs 27 ideas
- Scheduler 47 ideas
- Scripting and Command Line Tools 104 ideas
- SDK and Tools 137 ideas
- Security and Compliance 80 ideas
- Service Bus 177 ideas
- Service Fabric 272 ideas
- Signup and Billing 1,301 ideas
- Site Recovery 229 ideas
- SQL Data Sync 67 ideas
- SQL Data Warehouse 235 ideas
- SQL Database 597 ideas
- SQL Managed Instance 75 ideas
- SQL Server 9,371 ideas
- Storage 703 ideas
- StorSimple 45 ideas
- Stream Analytics 225 ideas
- Support Feedback 252 ideas
- System Center Data Protection Manager 106 ideas
- Update Management 113 ideas
- Virtual Machines 1,415 ideas
- Web Apps 340 ideas
Microsoft Azure