SQLBits session: Microsoft Purview Data Policy App
Thanks everyone for visiting my session during SQLBits. It’s great to see such a full room and that so many people have started using Microsoft Purview.
The slides can be downloaded via the link below, so that you can view them again at home.
It could well be that it was a lot of information in 20 minutes. If you have any questions, be sure to let me know.
During the session we discussed a number of tables where the policies are stored. Below is an overview of the different options
— Lists generally supported actions
SELECT * FROM sys.dm_server_external_policy_actions
— Lists the roles that are part of a policy published to this server
SELECT * FROM sys.dm_server_external_policy_roles
— Lists the links between the roles and actions, could be used to join the two
SELECT * FROM sys.dm_server_external_policy_role_actions
— Lists all Azure AD principals that were given connect permissions
SELECT * FROM sys.dm_server_external_policy_principals
— Lists Azure AD principals assigned to a given role on a given resource scope
SELECT * FROM sys.dm_server_external_policy_role_members
— Lists Azure AD principals, joined with roles, joined with their data actions
SELECT * FROM sys.dm_server_external_policy_principal_assigned_actions
— Force immediate download of latest published policies
exec sp_external_policy_refresh reload