On-Premise SQL

Requirements

You have a Teleskope Account with the Admin role
Network access from the Teleskope Application or Outpost to the database server
A valid database user with read-only permissions on all target databases
Required database grants (see below)

Step 1: Connection Details

Database Type

Select the database engine:

MySQL (includes MariaDB)
PostgreSQL
SQL Server

Display Name

A friendly, human-readable name to identify this database host within Teleskope.

Example:

Production MySQL Server

Server Hostname or IP

The hostname or IP address of the database server.

Example:

db.example.corp

Port

Default ports by database type:

MySQL/MariaDB: 3306
PostgreSQL: 5432
SQL Server: 1433

Override this value only if your database server is exposed over a non-standard port.

Step 2: Authentication

Enter the database credentials Teleskope will use to connect:

Username

The database name Teleskope should use to authenticate.

Example:

teleskope_ro

Password

The password associated with the database user.

Example:

SecurePassword123!

Step 3: Create Database User and Grant Permissions

Before enrolling the database host, create a read-only database user with the required permissions.

Create the Database User

MySQL or MariaDB

CREATE USER 'teleskope_ro'@'%' IDENTIFIED BY '****PASSWORD****';

PostgreSQL

CREATE USER teleskope_ro WITH PASSWORD '****PASSWORD****';

SQL Server

CREATE LOGIN teleskope_ro WITH PASSWORD = '****PASSWORD****';

Grant Database User Permissions

Read Access

MySQL or MariaDB

GRANT SHOW DATABASES, SELECT ON *.* TO 'teleskope_ro'@'%'; 
FLUSH PRIVILEGES;

PostgreSQL versions 14+

GRANT pg_read_all_data TO teleskope_ro;

PostgreSQL versions < 14

SELECT format('GRANT CONNECT ON DATABASE %I TO teleskope_ro;', datname) 
FROM pg_database 
WHERE datname NOT IN ('template0', 'template1', 'postgres') 
\gexec

SELECT format('GRANT USAGE ON SCHEMA %I TO teleskope_ro;', nspname) 
FROM pg_namespace 
WHERE nspname NOT IN ('pg_toast', 'pg_catalog', 'information_schema') 
\gexec

SELECT format('GRANT SELECT ON ALL TABLES IN SCHEMA %I TO teleskope_ro;', nspname) 
FROM pg_namespace 
WHERE nspname NOT IN ('pg_toast', 'pg_catalog', 'information_schema') 
\gexec

SQL Server

-- Grant view any database (to see all databases)
ALTER SERVER ROLE [public] ADD MEMBER [teleskope_ro];

-- Grant read access to all databases
DECLARE @sql NVARCHAR(MAX);
SET @sql = '';
SELECT @sql += 
    'USE [' + name + ']; 
    IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = ''teleskope_ro'')
        CREATE USER teleskope_ro FOR LOGIN teleskope_ro;
    ALTER ROLE [db_datareader] ADD MEMBER [teleskope_ro];
    ALTER ROLE [db_ddladmin] ADD MEMBER [teleskope_ro];' + CHAR(13)
FROM sys.databases
WHERE state = 0 AND name NOT IN ('tempdb', 'model', 'msdb');
EXEC sp_executesql @sql;

Step 4: Enroll Database Host

After creating the user and granting permissions, proceed with enrollment using the credentials created above.

PreviousFile Systems NextSlack

Last updated 0 minutes ago

Was this helpful?