我尝试使用SSMS在azure SQL中创建作用域凭据。
CREATE DATABASE SCOPED CREDENTIAL [cred-name] WITH IDENTITY = [db-user], SECRET = 'password'
我一直遇到错误消息,说明" cred-name'附近的语法不正确。预期' ='。"我不确定我的语法是如何不正确的,因为我过去已经成功完成了这个确切的命令,因此我不确定发生了什么变化。我想也许只是intellisense搞砸了所以我更新了我的SSMS实例从17.3到17.7但我仍然得到相同的错误信息。
有没有人知道可能会发生什么变化?
答案 0 :(得分:4)
运行您针对 Microsoft SQL Azure(RTM) - 12.0.2000.8 May 4 2018 13:05:56 版本发布的确切T-SQL会导致以下错误:
Msg 102, Level 15, State 1, Line 1
Incorrect syntax near 'db-user'.
替换单引号的标识名括号会导致以下错误:
Msg 15581, Level 16, State 6, Line 1
Please create a master key in the database or open the master key in the session before performing this operation.
使用以下T-SQL创建主密钥允许我创建凭证成功:
CREATE MASTER KEY ENCRYPTION BY PASSWORD='MyPassw0rdIsComplex.'
GO
CREATE DATABASE SCOPED CREDENTIAL [cred-name] WITH IDENTITY = 'db-user' , SECRET = 'password'
GO
此外,您可以使用以下查询检查范围凭据:
SELECT * FROM sys.database_scoped_credentials WHERE credential_identity='db-user'
我使用SSMS版本17.2,但我不确定这是否重要,因为错误将来自SQL Server引擎本身。
答案 1 :(得分:0)
需要打开主密钥才能对数据库范围的凭据进行加密。
因此,如果已经存在主密钥,则可以编写以下内容:
OPEN MASTER KEY DECRYPTION BY PASSWORD = '<your password>';
CREATE DATABASE SCOPED CREDENTIAL [<your credential>]
WITH IDENTITY = 'SHARED ACCESS SIGNATURE', SECRET = '<your SAS secret without the preleading ?>';
CLOSE MASTER KEY; -- only necessary if you need to close the master key context and continue scripting. (it will close with the session/query close)
...
如果不存在主密钥,则可以编写:
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<your password>';
CREATE DATABASE SCOPED CREDENTIAL [<your credential>]
WITH IDENTITY = 'SHARED ACCESS SIGNATURE', SECRET = '<your SAS secret without the preleading ?>';
CLOSE MASTER KEY; -- only necessary if you need to close the master key context. (it will close with the session/query close)
...
出于某种原因,intellisense无法理解语法-但无论如何它都会执行。