I want to setup a job that runs a few select statements from several system management views such as those listed below. Its basically going to gather various metrics about the server, a few different databases and jobs.
msdb.dbo.sysjobs
msdb.dbo.sysjobhistory
sys.dm_db_missing_index_groups
sys.dm_db_missing_index_group_stats
sys.dm_db_missing_index_details
sys.databases
sys.dm_exec_query_stats
sys.dm_exec_sql_text
sys.dm_exec_query_plan
dbo.sysfiles
sys.indexes
sys.objects
So, there a number of instance-level permissions that are needed, mainly VIEW SERVER STATE
https://msdn.microsoft.com/en-us/library/ms186717.aspx
Granting these permissions to a single login seems like introducing a maintenance headache for later. What about a server role?
Correct me if Im wrong, but this is a new feature of 2012 and above, the ability to create user-defined server roles.
Prior to version 2012, I will just have to settle for granting these instance-level permissions to individual logins. There wont be many logins that need this kind of permissions, but id rather assign them at a role level then add logins to that role. Then again, there is little point in creating a seperate role if there is only 1...and maybe 2 logins that might need this role?
New for 2012
http://www.mssqltips.com/sqlservertip/2699/sql-server-user-defined-server-roles/