Summary

After you get past the fine points, managing all database objects is a fairly simple matter of using the CREATE, ALTER, and DROP statements for each type of object. These three SQL statements comprise Data Definition Language (DDL), which is the most common method used by administrative tools to design a database and its objects.

Many types of database objects exist, some of which are specialized, and others are more common. In this chapter, you learned to create and manage tables, views, stored procedures, and user-defined functions.

Security permissions are applied for a combination of an object and a user or role. Roles allow groups of users with similar requirements to be managed as a cohesive unit, rather than as individuals. Because SQL Server lets you define logins and users separately or integrated with existing Windows users and groups, security can be managed at a very granular level. This provides a great deal of flexibility for both simple database applications and complex enterprise solutions. Applicable, object-specific actions can be enabled or restricted on each object for individual users or those belonging to a defined role. Permissions to perform an action (such as Insert, Update, Delete, Select, or Execute) may be explicitly granted or denied, and revoking a permission removes that permission, whether it be a grant or deny.

There is much to consider when planning the security requirements for your system. This is one of a database administrator's most important tasks. This chapter just scratched the surface of this important topic in focusing only on the SQL language related to this topic.