Do you have a comment or suggestion to improve SQL Server? We’d love to hear it!

Allow signing Database DDL Triggers and Server DDL and Logon Triggers - ADD SIGNATURE

It is not currently possible to sign non-Schema-scoped Triggers. This means that Database-scoped DDL Triggers along with Server-scoped DDL Triggers and Logon Triggers cannot (easily) participate in all of the wonderful benefits of Module Signing. Yes, there are two works around -- use EXECUTE AS, and creating a stored procedure that the Trigger calls and passes the EVENTDATA() XML into -- but both are clunky: EXECUTE AS comes with a host of issues, and creating a stored procedure requires managing that object, and either granting EXECUTE to [public] on it or doing something else kinda silly with permissions.

This desire has come up in the following places:

1. Error Signing a DDL Trigger ( https://social.msdn.microsoft.com/Forums/sqlserver/en-US/1333eecd-4c66-43d4-ab8f-03511cad4174 ).

2. Signatures & Database Triggers ( https://www.sqlservercentral.com/Forums/Topic1201441-359-1.aspx ).

3. Auditing - sp_send_dbmail from server-level triggers failed ( http://dba.stackexchange.com/questions/161624/auditing-sp-send-dbmail-from-server-level-triggers-failed/161662#161662 ).

7 votes

Sign in

(thinking…)

Sign in with:

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

We’ll send you updates on this idea

AdminMicrosoft SQL Server (Product Manager, Microsoft Azure) shared this idea · January 19, 2017 · Flag idea as inappropriate… · Admin →

under review ·

AdminMicrosoft SQL Server (Product Manager, Microsoft Azure) responded · January 10, 2018

Upvotes: 7

1 comment

Add a comment…

Sign in

(thinking…)

Sign in with:

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

Submitting...

An error occurred while saving the comment

Solomon Rutzky commented · February 21, 2018 14:01 · Flag as inappropriate

I originally submitted this suggestion via:

https://connect.microsoft.com/SQLServer/feedback/details/3119169/allow-signing-database-ddl-triggers-and-server-ddl-and-logon-triggers-add-signature

Submitting...

SQL Server: Suggestions

Searching…

No results.
Clear search results

Give feedback
- (General Feedback) 3,441 ideas
- Additional Services 311 ideas
- Analytics Platform System 12 ideas
- API Apps 8 ideas
- API Management 444 ideas
- Automation 396 ideas
- Azure Active Directory 3,302 ideas
- Azure Active Directory Application Requests 216 ideas
- Azure Advisor 16 ideas
- Azure Analysis Services 141 ideas
- Azure API for FHIR 2 ideas
- Azure App Configuration 13 ideas
- Azure Backup 412 ideas
- Azure Blockchain Service 2 ideas
- Azure Bot Service 59 ideas
- Azure Cloud Shell 306 ideas
- Azure Confidential Compute 3 ideas
- Azure Container Instances 93 ideas
- Azure Container Registry 60 ideas
- Azure Cosmos DB 227 ideas
- Azure CycleCloud 1 idea
- Azure Data Explorer 52 ideas
- Azure Data Share (Public Preview) 2 ideas
- Azure Database for MariaDB 7 ideas
- Azure Database for MySQL 55 ideas
- Azure Database for PostgreSQL 86 ideas
- Azure Database Migration Service 43 ideas
- Azure Databricks 55 ideas
- Azure Dev Spaces 2 ideas
- Azure Digital Twins 22 ideas
- Azure Event Grid 52 ideas
- Azure Functions 156 ideas
- Azure FXT Edge Filer 0 ideas
- Azure Governance 89 ideas
- Azure Government 78 ideas
- Azure IoT 242 ideas
- Azure IoT Central 82 ideas
- Azure IoT Device Catalog 14 ideas
- Azure IoT Edge 61 ideas
- Azure IoT Solution Accelerators 27 ideas
- Azure Key Vault 110 ideas
- Azure Kinect DK 34 ideas
- Azure Kubernetes Service (AKS) 137 ideas
- Azure Lighthouse 9 ideas
- Azure Management Groups 22 ideas
- Azure Maps 39 ideas
- Azure Marketplace 384 ideas
- Azure Media Services 203 ideas
- Azure Migrate 32 ideas
- Azure mobile app 220 ideas
- Azure Monitor 89 ideas
- Azure Monitor- Alert Management 76 ideas
- Azure Monitor-Application Insights 552 ideas
- Azure Monitor-Log Analytics 883 ideas
- Azure Pack 324 ideas
- Azure portal 1,804 ideas
- Azure Red Hat OpenShift 12 ideas
- Azure Resource Manager 424 ideas
- Azure Search 230 ideas
- Azure Security Center 187 ideas
- Azure Sentinel 22 ideas
- Azure Service Health 19 ideas
- Azure SignalR Service 8 ideas
- Azure Spatial Anchors 16 ideas
- Azure Sphere 60 ideas
- Azure Stack 153 ideas
- Azure TCO Calculator 28 ideas
- Azure Time Series Insights 8 ideas
- Batch 44 ideas
- Batch AI 9 ideas
- Biztalk Services 23 ideas
- Blockchain 41 ideas
- Cache 51 ideas
- Change Tracking 7 ideas
- Cloud Services (Web and Worker Role) 284 ideas
- Cost Management 170 ideas
- Customer Insights 13 ideas
- Customer Lockbox for Microsoft Azure 1 idea
- Data Catalog 127 ideas
- Data Factory 700 ideas
- Data Lake 335 ideas
- Data Science VM 19 ideas
- Diagnostics and Monitoring 187 ideas
- Event Hubs 21 ideas
- Global Infrastructure 43 ideas
- HDInsight 124 ideas
- Lab Services 245 ideas
- Logic Apps 1,297 ideas
- Machine Learning 70 ideas
- Mobile Engagement 19 ideas
- Networking 878 ideas
- Notification Hubs 26 ideas
- Scheduler 47 ideas
- Scripting and Command Line Tools 108 ideas
- SDK and Tools 138 ideas
- Security and Compliance 85 ideas
- Service Bus 183 ideas
- Service Fabric 277 ideas
- Signup and Billing 1,417 ideas
- Site Recovery 242 ideas
- SQL Data Sync 68 ideas
- SQL Data Warehouse 248 ideas
- SQL Database 638 ideas
- SQL Managed Instance 94 ideas
- SQL Server 9,675 ideas
- Storage 741 ideas
- StorSimple 46 ideas
- Stream Analytics 229 ideas
- Support Feedback 267 ideas
- System Center Data Protection Manager 110 ideas
- Update Management 109 ideas
- Virtual Machines 1,415 ideas
- Web Apps 362 ideas
Microsoft Azure