Has all permissions in the server. It can do everything that any other server-level role can do.
To see who has been granted 'sysadmin'...
SELECT sp.name,
sp.is_disabled
FROM sys.server_role_members rm,
sys.server_principals sp
WHERE rm.role_principal_id = SUSER_ID('Sysadmin')
AND rm.member_principal_id = sp.principal_id
Sometimes it's useful just to have a count of the number of users with sysadmin...
SELECT COUNT(*)
FROM sys.server_role_members rm,
sys.server_principals sp
WHERE rm.role_principal_id = SUSER_ID('Sysadmin')
AND rm.member_principal_id = sp.principal_id
In earlier versions of SQL Server, NT AUTHORITY\SYSTEM was granted the sysadmin role. This is no longer recommended as it is considered a shared account.
https://www.stigviewer.com/stig/ms_sql_server_2016_instance/2018-03-09/finding/V-79129Start or Stop the server
Has the ALTER ANY LOGIN privilege. Therefore a Login with this Role is capable of granting any other Role or Privilege (except SYSADMIN) to any other User or Role, including itself.
Can Kill processes
Create a Linked Server.
(But, just because you can doesn't mean you should).Allows you to bulk load records into a database.
Newer backup technologies have made this pretty much redundant.
Can create a new database.
Can connect.