Do you have a comment or suggestion to improve SQL Server? We’d love to hear it!

Allow signing Database DDL Triggers and Server DDL and Logon Triggers - ADD SIGNATURE

It is not currently possible to sign non-Schema-scoped Triggers. This means that Database-scoped DDL Triggers along with Server-scoped DDL Triggers and Logon Triggers cannot (easily) participate in all of the wonderful benefits of Module Signing. Yes, there are two works around -- use EXECUTE AS, and creating a stored procedure that the Trigger calls and passes the EVENTDATA() XML into -- but both are clunky: EXECUTE AS comes with a host of issues, and creating a stored procedure requires managing that object, and either granting EXECUTE to [public] on it or doing something else kinda silly with permissions.

This desire has come up in the following places:

Error Signing a DDL Trigger ( https://social.msdn.microsoft.com/Forums/sqlserver/en-US/1333eecd-4c66-43d4-ab8f-03511cad4174 ).

Signatures & Database Triggers ( https://www.sqlservercentral.com/Forums/Topic1201441-359-1.aspx ).

Auditing - spsenddbmail from server-level triggers failed ( http://dba.stackexchange.com/questions/161624/auditing-sp-send-dbmail-from-server-level-triggers-failed/161662#161662 ).

8 votes

Sign in

(thinking…)

Sign in with:

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

We’ll send you updates on this idea

AdminMicrosoft SQL Server (Product Manager, Microsoft Azure) shared this idea · Jan 19, 2017 · Flag idea as inappropriate… · Admin →

under review ·

AdminMicrosoft SQL Server (Product Manager, Microsoft Azure) responded · Jan 10, 2018

Upvotes: 7

1 comment

Add a comment…

Sign in

(thinking…)

Sign in with:

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

Submitting...

An error occurred while saving the comment

Solomon Rutzky commented · February 21, 2018 2:01 PM · Flag as inappropriate

I originally submitted this suggestion via:

https://connect.microsoft.com/SQLServer/feedback/details/3119169/allow-signing-database-ddl-triggers-and-server-ddl-and-logon-triggers-add-signature

Submitting...

SQL Server: Suggestions

Searching…

No results.
Clear search results

Give feedback
- (General Feedback) 5,411 ideas
- ACE Tools 49 ideas
- Additional Services 323 ideas
- Analytics Platform System 16 ideas
- API Apps 0 ideas
- API Management 584 ideas
- Automation 500 ideas
- Azure Active Directory 4,515 ideas
- Azure Active Directory Application Requests 267 ideas
- Azure Advisor 32 ideas
- Azure Analysis Services 175 ideas
- Azure API for FHIR 12 ideas
- Azure App Configuration 36 ideas
- Azure Arc 22 ideas
- Azure Backup 473 ideas
- Azure Blockchain Service 10 ideas
- Azure Bot Service 29 ideas
- Azure Certified Device 14 ideas
- Azure Cloud Shell 342 ideas
- Azure Confidential Compute 1 idea
- Azure Container Instances 146 ideas
- Azure Container Registry 88 ideas
- Azure Cosmos DB 236 ideas
- Azure CycleCloud 3 ideas
- Azure Data Explorer 166 ideas
- Azure Data Share 9 ideas
- Azure Database for MariaDB 16 ideas
- Azure Database for MySQL 62 ideas
- Azure Database for PostgreSQL 126 ideas
- Azure Database Migration Service 71 ideas
- Azure Databricks 203 ideas
- Azure Dev Spaces 9 ideas
- Azure Digital Twins 15 ideas
- Azure Event Grid 61 ideas
- Azure FarmBeats 11 ideas
- Azure Functions 214 ideas
- Azure FXT Edge Filer 0 ideas
- Azure Governance 192 ideas
- Azure HPC Cache 0 ideas
- Azure IoT (Hub, DPS, SDKs) 307 ideas
- Azure IoT Central 143 ideas
- Azure IoT Edge 80 ideas
- Azure IoT Security 1 idea
- Azure IoT Solution Accelerators 44 ideas
- Azure Key Vault 166 ideas
- Azure Kinect DK 59 ideas
- Azure Kubernetes Service (AKS) 262 ideas
- Azure Lighthouse 27 ideas
- Azure Management Groups 21 ideas
- Azure Maps 58 ideas
- Azure Marketplace 429 ideas
- Azure Media Services 235 ideas
- Azure Migrate 56 ideas
- Azure mobile app 279 ideas
- Azure Monitor 210 ideas
- Azure Monitor- Alert Management 147 ideas
- Azure Monitor-Application Insights 734 ideas
- Azure Monitor-Log Analytics 964 ideas
- Azure NetApp Files (ANF) 23 ideas
- Azure Pack 283 ideas
- Azure portal 2,122 ideas
- Azure Red Hat OpenShift 12 ideas
- Azure Remote Rendering 7 ideas
- Azure Reservations 191 ideas
- Azure Resource Manager 530 ideas
- Azure Search 271 ideas
- Azure Security Center 276 ideas
- Azure Sentinel 111 ideas
- Azure Service Health 35 ideas
- Azure SignalR Service 15 ideas
- Azure Spatial Anchors 27 ideas
- Azure Sphere 77 ideas
- Azure Spring Cloud 2 ideas
- Azure Stack HCI 0 ideas
- Azure Stack Hub 193 ideas
- Azure Synapse Analytics 375 ideas
- Azure TCO Calculator 30 ideas
- Azure Time Series Insights 25 ideas
- Batch 36 ideas
- Batch AI 10 ideas
- Biztalk Services 14 ideas
- Blockchain 53 ideas
- Cache 34 ideas
- Change Tracking 12 ideas
- Cloud Services (Web and Worker Role) 270 ideas
- Cost Management 291 ideas
- Cross region move for Azure resources 11 ideas
- Customer Insights 13 ideas
- Customer Lockbox for Microsoft Azure 1 idea
- Data Catalog 167 ideas
- Data Factory 1,035 ideas
- Data Lake 353 ideas
- Data Science VM 24 ideas
- Diagnostics and Monitoring 198 ideas
- Event Hubs 38 ideas
- Global Infrastructure 44 ideas
- HDInsight 130 ideas
- Lab Services 334 ideas
- Logic Apps 1,675 ideas
- Machine Learning 201 ideas
- Mobile Engagement 19 ideas
- Networking 1,326 ideas
- Notification Hubs 35 ideas
- Project Bonsai 28 ideas
- Scheduler 42 ideas
- Scripting and Command Line Tools 102 ideas
- SDK and Tools 142 ideas
- Security and Compliance 96 ideas
- Service Bus 193 ideas
- Service Fabric 302 ideas
- Signup and Billing 1,706 ideas
- Site Recovery 285 ideas
- SQL Data Sync 68 ideas
- SQL Database 814 ideas
- SQL Managed Instance 145 ideas
- SQL Server 10,437 ideas
- SQL Server - Big Data Clusters 44 ideas
- Storage 990 ideas
- StorSimple 26 ideas
- Stream Analytics 262 ideas
- Support Feedback 267 ideas
- System Center Data Protection Manager 147 ideas
- Update Management 172 ideas
- Virtual Machines 1,648 ideas
- Web Apps 573 ideas
Microsoft Azure