Security Catalog Views (Transact-SQL)

  • Article

Applies to: SQL Server

Security information is exposed in catalog views that are optimized for performance and utility. When possible, use the following catalog views to access catalog metadata.

Database-Level Views

sys.database_permissions

sys.database_scoped_credentials

sys.database_principals

sys.master_key_passwords

sys.database_role_members

sys.user_token

 

Server-Level Views

sys.credentials

sys.server_principals

sys.login_token

sys.server_role_members

sys.securable_classes

sys.sql_logins

sys.server_permissions

sys.system_components_surface_area_configuration

 

Encryption Views

sys.asymmetric_keys

sys.cryptographic_providers

sys.certificates

sys.key_encryptions

sys.column_encryption_key_values

sys.openkeys

sys.column_encryption_keys

sys.security_policies (Transact-SQL)

sys.column_master_keys

sys.security_predicates (Transact-SQL)

sys.crypt_properties

sys.symmetric_keys

 

SQL Server Audit Views

sys.server_audits

sys.server_file_audits

sys.server_audit_specifications

sys.server_audit_specifications_details

sys.database_audit_specifications

sys.database_audit_specification_details

Ledger Views

sys.database_ledger_transactions

sys.database_ledger_blocks

sys.ledger_table_history

sys.ledger_column_history

sys.database_ledger_digest_locations

 

Permissions

The visibility of the metadata in catalog views is limited to securables that a user either owns, or on which the user was granted some permission. For more information, see Metadata Visibility Configuration.

See Also

Security Center for SQL Server Database Engine and Azure SQL Database
Security-Related Dynamic Management Views and Functions (Transact-SQL)