Microsoft SQL Server

Veza connects to standalone SQL Server instances via a local user, using the configured host, port, username, and password. Typically, an Insight Point is recommended to enable a secure connection between Veza and the SQL host. For testing purposes, you can use the internal Insight Point, assuming that firewall rules allow communication with Veza.

NOTE: System databases are not included in the database fetching.

Configuring SQL Database user

1) Connect to your SQL Server and create new SQL Server Login with password.

To enable discovery for SQL Server, you will need credentials for a local SQL Server user (Login with password). Connect to the server using your client of choice, and create the user with the command:

CREATE LOGIN <db_user> WITH PASSWORD = '<password>';

2) Assign read only permissions for the service account.

Grant the following permissions to the SQL Server Login from the previous step:

SQL 2008 and 2012

GRANT VIEW ANY DEFINITION TO <db_user>;
GRANT VIEW ANY DATABASE TO <db_user>;
GRANT CONNECT SQL TO <db_user>;

SQL 2014 and later

GRANT VIEW ANY DEFINITION TO <db_user>;
GRANT CONNECT ANY DATABASE TO <db_user>;

Configure Veza

To add the connection, go to Configuration > Integrations_ > Create Integration and choose "SQL Server".

1. If you are using an external Insight Point for discovery, change the selection from the default internal Insight Point to the one you deployed.

2. Enter the server Host, Port, Login user and Password.

3. Optionally, prevent discovery of some databases and schema by adding database names to the allow and deny lists. If the allow list is populated, only those resources are discovered. If the deny list is populated, those resources are skipped, while all others are discovered.

4. Click Save to enable the integration and queue parsing. The SQL Server will be registered and appear under "Discovered Data Sources" on the Configuration > All Data Sources tab.