Permissions required to add logins to fixed database roles.
What are the minimum permissions a login can have to assign other logins to
fixed database roles like db_datareader, db_datawriter, db_ddladmin?
If a login has been assigned to the db_securityadmin fixed database role and it
tries to assign other logins to a fixed role like db_datareader, the following
error may appear:
Cannot alter the role 'db_datareader', because it does not exist or you do not
have permission. (Microsoft SQL Server, Error: 15151)
To be able to assign logins to database fixed roles, one needs to be member of
the db_owner fixed database role, and been member of the db_securityadmin is not