On-Premise SQL

Requirements

You have a Teleskope Account with the Admin role
Network access from the Teleskope Application or Outpost to the database server
A valid database user with read-only permissions on all target databases
Required database grants (see below)

Step 1: Connection Details

Database Type

Select the database engine:

MySQL (includes MariaDB)
PostgreSQL
SQL Server

Display Name

A friendly, human-readable name to identify this database host within Teleskope.

Example:

Production MySQL Server

Server Hostname or IP

The hostname or IP address of the database server.

Example:

db.example.corp

Port

Default ports by database type:

MySQL/MariaDB: 3306
PostgreSQL: 5432
SQL Server: 1433

Override this value only if your database server is exposed over a non-standard port.

Step 2: Authentication

Enter the database credentials Teleskope will use to connect:

Username

The database name Teleskope should use to authenticate.

Example:

teleskope_ro

Password

The password associated with the database user.

Example:

SecurePassword123!

Step 3: Create Database User and Grant Permissions

Before enrolling the database host, create a read-only database user with the required permissions.

Create the Database User

MySQL or MariaDB

CREATE USER 'teleskope_ro'@'%' IDENTIFIED BY '****PASSWORD****';

PostgreSQL

CREATE USER teleskope_ro WITH PASSWORD '****PASSWORD****';

SQL Server

CREATE LOGIN teleskope_ro WITH PASSWORD = '****PASSWORD****';

Grant Database User Permissions

Read Access

MySQL or MariaDB

GRANT SHOW DATABASES, SELECT ON *.* TO 'teleskope_ro'@'%'; 
FLUSH PRIVILEGES;

PostgreSQL versions 14+

GRANT pg_read_all_data TO teleskope_ro;

PostgreSQL versions < 14

SELECT format('GRANT CONNECT ON DATABASE %I TO teleskope_ro;', datname) 
FROM pg_database 
WHERE datname NOT IN ('template0', 'template1', 'postgres') 
\gexec

SELECT format('GRANT USAGE ON SCHEMA %I TO teleskope_ro;', nspname) 
FROM pg_namespace 
WHERE nspname NOT IN ('pg_toast', 'pg_catalog', 'information_schema') 
\gexec

SELECT format('GRANT SELECT ON ALL TABLES IN SCHEMA %I TO teleskope_ro;', nspname) 
FROM pg_namespace 
WHERE nspname NOT IN ('pg_toast', 'pg_catalog', 'information_schema') 
\gexec

SQL Server

-- Grant view any database (to see all databases)
ALTER SERVER ROLE [public] ADD MEMBER [teleskope_ro];

-- Grant read access to all databases
DECLARE @sql NVARCHAR(MAX);
SET @sql = '';
SELECT @sql += 
    'USE [' + name + ']; 
    IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = ''teleskope_ro'')
        CREATE USER teleskope_ro FOR LOGIN teleskope_ro;
    ALTER ROLE [db_datareader] ADD MEMBER [teleskope_ro];
    ALTER ROLE [db_ddladmin] ADD MEMBER [teleskope_ro];' + CHAR(13)
FROM sys.databases
WHERE state = 0 AND name NOT IN ('tempdb', 'model', 'msdb');
EXEC sp_executesql @sql;

Step 4: Enroll Database Host

After creating the user and granting permissions, proceed with enrollment using the credentials created above.

PreviousFile Systems NextSlack

Last updated 19 days ago

Was this helpful?

hashtagRequirements

hashtagStep 1: Connection Details

hashtagDatabase Type

hashtagDisplay Name

hashtagServer Hostname or IP

hashtagPort

hashtagStep 2: Authentication

hashtagUsername

hashtagPassword

hashtagStep 3: Create Database User and Grant Permissions

hashtagCreate the Database User

hashtagGrant Database User Permissions

hashtagStep 4: Enroll Database Host

Requirements

Step 1: Connection Details

Database Type

Display Name

Server Hostname or IP

Port

Step 2: Authentication

Username

Password

Step 3: Create Database User and Grant Permissions

Create the Database User

Grant Database User Permissions

Step 4: Enroll Database Host