Bulk data import using operations like BULK INSERT and OPENROWSET(BULK…) BULK INSERT (Transact-SQL) - SQL Server | Microsoft Learn is fundamental to ETL and data ingestion workflows. On SQL Server running on Linux, these operations have traditionally required sysadmin privileges, making it difficult to follow least‑privilege security practices.
With the preview of BULKADMIN role support for SQL Server on Linux, this gap is addressed. Starting with SQL Server 2025 (17.x) CU3, administrators can grant the bulkadmin role or the ADMINISTER BULK OPERATIONS permission to enable bulk imports without full administrative access. This capability has long been available on SQL Server on Windows and is now extended to Linux, bringing consistent and more secure bulk data operations across platforms.
Bulk import operation
Bulk import operations enable fast, large‑volume data loading into SQL Server tables by reading data directly from external files instead of row‑by‑row inserts. Learn more Use BULK INSERT or OPENROWSET (BULK...) to Import Data to SQL Server - SQL Server | Microsoft Learn
Who this is for
DBAs, Data engineers, ETL developers and application engineers who want to perform bulk data imports without over‑privileging users.
Why this matters
Improved security posture:
Eliminates the need for sysadmin access for bulk operations, enforcing least‑privilege security principle and reducing security risk.
Better operational flexibility:
Allows DBAs to safely delegate bulk data ingestion to application, ETL, and operational teams without expanding the attack surface.
Parity with SQL Server on Windows:
Closes a long‑standing gap between SQL Server on Windows and Linux, simplifying cross‑platform administration.
Designed with layered security controls on Linux
Bulk operations on Linux continue to enforce additional security checks beyond SQL permissions. Administrators must explicitly configure:
- Linux file system permissions for the SQL Server service account
- Approved bulk load directories using mssql-conf (by configuring the path through bulkadmin.allowedpathslist setting in mssql-conf)
This ensures, SQL Server can only read data from explicitly allowed locations, reducing the risk of unauthorized file access.
Learn more:
For a quick overview, the typical flow to enable bulk import operations on SQL Server on Linux looks like this:
- Install SQL Server 2025 (17.x) CU3
- Grant BULKADMIN role or ADMINISTER BULK OPERATIONS permission
- Configure allowed directories and required filesystem permissions
- Run bulk import operations using BULK INSERT or OPENROWSET (BULK...)
For detailed guidance and example, refer to the official documentation:
👉 Configure bulk import operations for SQL Server on Linux
Summary
With BULKADMIN role support on SQL Server for Linux, customers can now enable bulk data imports without compromising security. This enhancement delivers better role separation, security best practices, and a smoother operational experience for SQL Server on Linux.
We encourage customers to explore this capability and adopt least privileged bulk data workflows in their Linux environments.
Microsoft