I don't like working in RDS. I can't even query sysjobschedules with my Master user
This data isn't completely gated off from me. For example I can see the schedule data in the job management UI.
I can also retrieve this same data using SMO.
$SqlInstance = Connect-DbaInstance sql01 $AllJobs = $SqlInstance.JobServer.Jobs $AllJobs[0].JobSchedules If I profile the above actions, I see (in part) this query which calls out to sp_help_jobschedule. Following from there, I can do something like execute sp_help_jobschedule @schedule_id = 92 and get back a valid resultset.
I don't understand why this works. AFAICT, one of the relevant code blocks in sp_help_jobschedule is...
IF (@schedule_id IS NOT NULL) AND (@job_id IS NULL) AND (@job_name IS NULL) BEGIN SELECT @job_count = COUNT(*) FROM msdb.dbo.sysjobschedules WHERE (schedule_id = @schedule_id) -- ... SELECT @job_id = job_id FROM msdb.dbo.sysjobschedules WHERE (schedule_id = @schedule_id) -- .... END ...and as we've already established, I cannot query this base object.
I do not see any execute as declaration in the sp_help_jobschedule source code and the only role grants for my RDS Master user are for the builtin defaults SQLAgentOperatorRole & SQLAgentUserRole neither of which appear to be modified from default settings nor have direct grants against either sp_help_jobschedule or sysjobschedules.
Wtf am I missing? How am I accessing base job schedule data in RDS?
Edit: this was PEBKAC. There was a direct grant against SQLAgentUserRole.
Checking
sys.database_permsin RDS with this plagiarized query shows a grant againstsp_help_jobscheduletoSQLAgentUserRolewhich I'd missed previously. This grant is also present in my unmodified laptop instance.
