# Azure Database

## Requirements

In order to integrate Teleskope with Azure Database for MySQL, Postgres, or MariaDB, you must make sure the following prerequisites are met:

* Within Azure: You must have created an Entra App as described previously
* Within Teleskope: A Teleskope admin account to complete the setup process.

## Integration

{% stepper %}
{% step %}

## Grant the Teleskope App the following roles: 

[Reader](https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles)
{% endstep %}

{% step %}

## Create a Teleskope user on each database

For each SQL instance you would like to scan using Teleskope, you will need to create/provide credentials for a database user, and grant that user permissions.

### Create Teleskope User

#### Create Database User (Without IAM Authentication)

**MySQL or MariaDB**

```sql
CREATE USER teleskope IDENTIFIED BY '****PASSWORD****'
```

**Postgres**

```sql
CREATE USER teleskope WITH PASSWORD  '****PASSWORD****'
```

{% endstep %}

{% step %}

## Grant Read Access to Teleskope user

### MySQL or MariaDB

```sql
GRANT SHOW DATABASES, SELECT ON *.* TO teleskope
```

### Postgres versions 14+

```sql
GRANT pg_read_all_data TO teleskope
```

### Postgres versions < 14

```sql
SELECT format('GRANT CONNECT ON DATABASE %I TO teleskope;', datname) FROM pg_database \gexec
SELECT format('GRANT USAGE ON SCHEMA %I TO teleskope;', nspname) FROM pg_namespace \gexec
SELECT format('GRANT SELECT ON ALL TABLES IN SCHEMA %I TO teleskope;', nspname) FROM pg_namespace \gexec
```

{% endstep %}

{% step %}

## Grant Write Access to Teleskope user (optional)

### MySQL or MariaDB

```sql
GRANT UPDATE, DELETE on *.* TO teleskope
```

### Postgres versions 14+

```sql
GRANT pg_write_all_data TO teleskope
```

### Postgres versions < 14

```sql
SELECT format('GRANT UPDATE, DELETE ON ALL TABLES IN SCHEMA %I TO teleskope;', nspname)
```

{% endstep %}
{% endstepper %}