April, 2024

🥥
Highlights
The April 2024 release of the Data Bridge API introduces database-level and server-level security.

The List Server Instances and Get Server Instance operations now return information about the security of SQL Server instances including the owners and groups in both payloads and responses.

The Update Server Instance Security operation updates server security.

The List Databases and Get Database operations now return information about the security of the databases on specific server instances including the owners and groups in both payloads and responses.

The Update Database Security operation updates database security.

Learn More

Server Instances

The List Server Instances API resource (GET /v1/sql-instances) operation now returns detailed information about server-level security settings including the registered, exposureSetId, owner, secured, and groups attributes.

[
  {
    "name": "string",
    "uid": "string",
    "endpoint": "string",
    "internalEndpoint": "string",
    "status": "string",
    "totalDiskSpaceInMb": 0,
    "availableDiskSpaceInMb": 0,
    "usedDiskSpaceInMb": 0,
    "databaseLimit": 0,
    "pinnedDatabaseLimit": 0,
    "archivedDatabaseStorageUsedInMb": 0,
    "archivedDatabaseCount": 0,
    "owner": "string",
    "secured": true,
    "groups": [
      {
        "groupId": "string",
        "groupName": "string"
      }
    ]
  }
]

The request now returns detailed information about server-level security settings:

Attribute	Description
`owner`	Name of the role or login that owns this server instance. The owner of a secured server instance is the only entity that can view and administer that server instance. Ownership can only be assigned using the Data Admin app.
`secured`	If `true`, database is secured. When security is enabled, access to this server is restricted to owners and groups that have been granted access by a Data Admin.
`groups`	The `groupId` and `groupName` of the group that has access rights and permissions for this server. Groups of principals are granted access only to the secured servers to which they are assigned. If your group has not been granted access to a server, you do not see that server and cannot perform actions on it.

The Get Server Instance API resource (GET /v1/sql-instances/{instanceName}) operation now returns detailed information about server-level security of the specfied server instance including the owner, secured and groups attributes:

{
  "name": "string",
  "uid": "string",
  "endpoint": "string",
  "internalEndpoint": "string",
  "status": "string",
  "totalDiskSpaceInMb": 0,
  "availableDiskSpaceInMb": 0,
  "usedDiskSpaceInMb": 0,
  "databaseLimit": 0,
  "pinnedDatabaseLimit": 0,
  "archivedDatabaseStorageUsedInMb": 0,
  "archivedDatabaseCount": 0,
  "owner": "string",
  "secured": true,
  "groups": [
    {
      "groupId": "string",
      "groupName": "string"
    }
  ]
}

The request now returns detailed information about server-level security settings:

Attribute	Description
`owner`	Name of the role or login that owns this server instance. The owner of a secured server instance is the only entity that can view and administer that server instance. Ownership can only be assigned using the Data Admin app.
`secured`	If `true`, database is secured. When security is enabled, access to this server is restricted to owners and groups that have been granted access by a Data Admin.
`groups`	The `groupId` and `groupName` of the group that has access rights and permissions for this server. Groups of principals are granted access only to the secured servers to which they are assigned. If your group has not been granted access to a server, you do not see that server and cannot perform actions on it.

The Update Server Instance Security API resource (PATCH v1/sql-instances/{instanceName}/Databases/{databaseName}) operation updates the security status of the specified database. If security is enabled (true), a database owner must be specified. Groups are optional.

The instanceName is specified in the endpoint path. All other attributes are specified in the required request package.

[
  {
    "operation": "Add",
    "targetProperty": "groupId",
    "value": "8e676a8f-63ed-4cc0-8678-9a20ce41a80a"
  }
  {
    "operation": "Remove",
    "targetProperty": "groupId",
    "value": "4x679a8a-74et-4cc0-8678-7g90ee96d00f"
  }
]

All three attributes must be defined in the request package:

Attribute	Description
`operation`	Operation to perform. One of `Add` or `Remove`.
`targetProperty`	Property to update. One of `groupId` or `groupName`.
`value`	Unique group ID or name that identifies the group.

Databases

The List Databases API resource (GET /v1/sql-instances/{instanceName}/Databases) operation now returns additional information about the security of each database including the registered, exposureSetId, owner, secured, and groups attributes.

[
  {
    "name": "string",
    "status": "string",
    "error": "string",
    "sizeInMb": 0,
    "createdAt": "2024-04-04T19:25:42.077Z",
    "pinned": true,
    "pinExpiration": "2024-04-04T19:25:42.077Z",
    "databaseSchema": "string",
    "databaseVersion": "string",
    "lastIndexUpdate": "2024-04-04T19:25:42.077Z",
    "registered": true,
    "exposureSetId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
    "owner": "string",
    "secured": true,
    "groups": [
      {
        "groupId": "string",
        "groupName": "string"
      }
    ]
  }
]

The request now returns detailed information about server-level security settings:

Attribute	Description
`owner`	Name of the role or login that owns the database. Only the owner of a secured database can view and administer that database. Ownership can only be assigned using the Data Admin app. Owners can only see and administer their databases.
`secured`	If `true`, database is secured. When security is enabled, access to this database is restricted to owners and groups that have been granted access by a Data Admin.
`groups`	The `groupId` and `groupName` of the group that has access rights and permissions for this database. Groups of principals are granted access only to the secured databases to which they are assigned. If your group has not been granted access to a server, you do not see that server or database and cannot perform actions on it.

The Get Database API resource (GET /v1/sql-instances/{instanceName}/Databases/{databaseName}) operation now returns additional information about the security of each database including the registered, exposureSetId, owner, secured, and groups attributes.

{
  "name": "string",
  "status": "string",
  "error": "string",
  "sizeInMb": 0,
  "createdAt": "2024-04-04T21:54:29.353Z",
  "pinned": true,
  "pinExpiration": "2024-04-04T21:54:29.353Z",
  "databaseSchema": "string",
  "databaseVersion": "string",
  "lastIndexUpdate": "2024-04-04T21:54:29.353Z",
  "registered": true,
  "exposureSetId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "owner": "string",
  "secured": true,
  "groups": [
    {
      "groupId": "string",
      "groupName": "string"
    }
  ]
}

The request now returns detailed information about server-level security settings:

Attribute	Description
`owner`	Name of the role or login that owns the database. Only the owner of a secured database can view and administer that database. Ownership can only be assigned using the Data Admin app. Owners can only see and administer their databases.
`secured`	If `true`, database is secured. When security is enabled, access to this database is restricted to owners and groups that have been granted access by a Data Admin.
`groups`	The `groupId` and `groupName` of the group that has access rights and permissions for this database. Groups of principals are granted access only to the secured databases to which they are assigned. If your group has not been granted access to a server, you do not see that server or database and cannot perform actions on it.

The Update Database Security API resource (PATCH v1/sql-instances/{instanceName}/Databases/{databaseName}) operation updates the security status of the specified database. If security is enabled (true), a database owner must be specified. Groups are optional.

The instanceName and databaseName are specified in the endpoint path. All other attributes are specifiec in required the request package.

[
  {
    "operation": "Add",
    "targetProperty": "groupId",
    "value": "8e676a8f-63ed-4cc0-8678-9a20ce41a80a"
  }
  {
    "operation": "Remove",
    "targetProperty": "groupId",
    "value": "4x679a8a-74et-4cc0-8678-7g90ee96d00f"
  }
]

All three attributes must be defined in the request package:

Attribute	Description
`operation`	Operation to perform. One of `Add` or `Remove`.
`targetProperty`	Property to update. One of `groupId` or `groupName`.
`value`	Unique group ID or name that identifies the group.

🥥Highlights

Server Instances

Databases

🥥
Highlights