Microsoft.DBforPostgreSQL flexibleServers 2022-12-01
Bicep resource definition
The flexibleServers resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.DBforPostgreSQL/flexibleServers resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' = {
identity: {
type: 'string'
userAssignedIdentities: {
{customized property}: {
clientId: 'string'
principalId: 'string'
}
}
}
location: 'string'
name: 'string'
properties: {
administratorLogin: 'string'
administratorLoginPassword: 'string'
authConfig: {
activeDirectoryAuth: 'string'
passwordAuth: 'string'
tenantId: 'string'
}
availabilityZone: 'string'
backup: {
backupRetentionDays: int
geoRedundantBackup: 'string'
}
createMode: 'string'
dataEncryption: {
primaryKeyURI: 'string'
primaryUserAssignedIdentityId: 'string'
type: 'string'
}
highAvailability: {
mode: 'string'
standbyAvailabilityZone: 'string'
}
maintenanceWindow: {
customWindow: 'string'
dayOfWeek: int
startHour: int
startMinute: int
}
network: {
delegatedSubnetResourceId: 'string'
privateDnsZoneArmResourceId: 'string'
}
pointInTimeUTC: 'string'
replicationRole: 'string'
sourceServerResourceId: 'string'
storage: {
storageSizeGB: int
}
version: 'string'
}
sku: {
name: 'string'
tier: 'string'
}
tags: {
{customized property}: 'string'
}
}
Property values
AuthConfig
Name | Description | Value |
---|---|---|
activeDirectoryAuth | If Enabled, Azure Active Directory authentication is enabled. | 'Disabled' 'Enabled' |
passwordAuth | If Enabled, Password authentication is enabled. | 'Disabled' 'Enabled' |
tenantId | Tenant id of the server. | string |
Backup
Name | Description | Value |
---|---|---|
backupRetentionDays | Backup retention days for the server. | int |
geoRedundantBackup | A value indicating whether Geo-Redundant backup is enabled on the server. | 'Disabled' 'Enabled' |
DataEncryption
Name | Description | Value |
---|---|---|
primaryKeyURI | URI for the key for data encryption for primary server. | string |
primaryUserAssignedIdentityId | Resource Id for the User assigned identity to be used for data encryption for primary server. | string |
type | Data encryption type to depict if it is System Managed vs Azure Key vault. | 'AzureKeyVault' 'SystemManaged' |
HighAvailability
Name | Description | Value |
---|---|---|
mode | The HA mode for the server. | 'Disabled' 'SameZone' 'ZoneRedundant' |
standbyAvailabilityZone | availability zone information of the standby. | string |
MaintenanceWindow
Name | Description | Value |
---|---|---|
customWindow | indicates whether custom window is enabled or disabled | string |
dayOfWeek | day of week for maintenance window | int |
startHour | start hour for maintenance window | int |
startMinute | start minute for maintenance window | int |
Microsoft.DBforPostgreSQL/flexibleServers
Name | Description | Value |
---|---|---|
identity | Describes the identity of the application. | UserAssignedIdentity |
location | The geo-location where the resource lives | string (required) |
name | The resource name | string Constraints: Min length = 3 Max length = 3 Pattern = ^[a-zA-Z0-9]+(-[a-zA-Z0-9]+)* (required) |
properties | Properties of the server. | ServerProperties |
sku | The SKU (pricing tier) of the server. | Sku |
tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
Network
Name | Description | Value |
---|---|---|
delegatedSubnetResourceId | Delegated subnet arm resource id. This is required to be passed during create, in case we want the server to be VNET injected, i.e. Private access server. During update, pass this only if we want to update the value for Private DNS zone. | string |
privateDnsZoneArmResourceId | Private dns zone arm resource id. This is required to be passed during create, in case we want the server to be VNET injected, i.e. Private access server. During update, pass this only if we want to update the value for Private DNS zone. | string |
ServerProperties
Name | Description | Value |
---|---|---|
administratorLogin | The administrator's login name of a server. Can only be specified when the server is being created (and is required for creation). | string |
administratorLoginPassword | The administrator login password (required for server creation). | string Constraints: Sensitive value. Pass in as a secure parameter. |
authConfig | AuthConfig properties of a server. | AuthConfig |
availabilityZone | availability zone information of the server. | string |
backup | Backup properties of a server. | Backup |
createMode | The mode to create a new PostgreSQL server. | 'Create' 'Default' 'GeoRestore' 'PointInTimeRestore' 'Replica' 'Update' |
dataEncryption | Data encryption properties of a server. | DataEncryption |
highAvailability | High availability properties of a server. | HighAvailability |
maintenanceWindow | Maintenance window properties of a server. | MaintenanceWindow |
network | Network properties of a server. This Network property is required to be passed only in case you want the server to be Private access server. | Network |
pointInTimeUTC | Restore point creation time (ISO8601 format), specifying the time to restore from. It's required when 'createMode' is 'PointInTimeRestore' or 'GeoRestore'. | string |
replicationRole | Replication role of the server | 'AsyncReplica' 'GeoAsyncReplica' 'None' 'Primary' |
sourceServerResourceId | The source server resource ID to restore from. It's required when 'createMode' is 'PointInTimeRestore' or 'GeoRestore' or 'Replica'. This property is returned only for Replica server | string |
storage | Storage properties of a server. | Storage |
version | PostgreSQL Server version. | '11' '12' '13' '14' |
Sku
Name | Description | Value |
---|---|---|
name | The name of the sku, typically, tier + family + cores, e.g. Standard_D4s_v3. | string (required) |
tier | The tier of the particular SKU, e.g. Burstable. | 'Burstable' 'GeneralPurpose' 'MemoryOptimized' (required) |
Storage
Name | Description | Value |
---|---|---|
storageSizeGB | Max storage allowed for a server. | int |
TrackedResourceTags
Name | Description | Value |
---|
UserAssignedIdentity
Name | Description | Value |
---|---|---|
type | the types of identities associated with this resource; currently restricted to 'None and UserAssigned' | 'None' 'UserAssigned' (required) |
userAssignedIdentities | represents user assigned identities map. | UserAssignedIdentityMap |
UserAssignedIdentityMap
Name | Description | Value |
---|
UserIdentity
Name | Description | Value |
---|---|---|
clientId | the client identifier of the Service Principal which this identity represents. | string |
principalId | the object identifier of the Service Principal which this identity represents. | string |
Quickstart samples
The following quickstart samples deploy this resource type.
Bicep File | Description |
---|---|
Create PgFlex server & enable protection via Backup Vault | Template that creates a PostgreSQL Flexible Server and enables protection via Backup Vault |
Deploy Azure Database for PostgreSQL (flexible) with AAD | This template provides a way to deploy a Flexible server Azure database for PostgreSQL with AAD integration. |
Deploy Azure Database for PostgreSQL (flexible) with VNet | This template provides a way to deploy a Flexible server Azure database for PostgreSQL with VNet integration. |
SonarQube on Web App with PostgreSQL and VNet integration | This template provides easy to deploy SonarQube to Web App on Linux with PostgreSQL Flexible Server, VNet integration and private DNS. |
ARM template resource definition
The flexibleServers resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.DBforPostgreSQL/flexibleServers resource, add the following JSON to your template.
{
"type": "Microsoft.DBforPostgreSQL/flexibleServers",
"apiVersion": "2022-12-01",
"name": "string",
"identity": {
"type": "string",
"userAssignedIdentities": {
"{customized property}": {
"clientId": "string",
"principalId": "string"
}
}
},
"location": "string",
"properties": {
"administratorLogin": "string",
"administratorLoginPassword": "string",
"authConfig": {
"activeDirectoryAuth": "string",
"passwordAuth": "string",
"tenantId": "string"
},
"availabilityZone": "string",
"backup": {
"backupRetentionDays": "int",
"geoRedundantBackup": "string"
},
"createMode": "string",
"dataEncryption": {
"primaryKeyURI": "string",
"primaryUserAssignedIdentityId": "string",
"type": "string"
},
"highAvailability": {
"mode": "string",
"standbyAvailabilityZone": "string"
},
"maintenanceWindow": {
"customWindow": "string",
"dayOfWeek": "int",
"startHour": "int",
"startMinute": "int"
},
"network": {
"delegatedSubnetResourceId": "string",
"privateDnsZoneArmResourceId": "string"
},
"pointInTimeUTC": "string",
"replicationRole": "string",
"sourceServerResourceId": "string",
"storage": {
"storageSizeGB": "int"
},
"version": "string"
},
"sku": {
"name": "string",
"tier": "string"
},
"tags": {
"{customized property}": "string"
}
}
Property values
AuthConfig
Name | Description | Value |
---|---|---|
activeDirectoryAuth | If Enabled, Azure Active Directory authentication is enabled. | 'Disabled' 'Enabled' |
passwordAuth | If Enabled, Password authentication is enabled. | 'Disabled' 'Enabled' |
tenantId | Tenant id of the server. | string |
Backup
Name | Description | Value |
---|---|---|
backupRetentionDays | Backup retention days for the server. | int |
geoRedundantBackup | A value indicating whether Geo-Redundant backup is enabled on the server. | 'Disabled' 'Enabled' |
DataEncryption
Name | Description | Value |
---|---|---|
primaryKeyURI | URI for the key for data encryption for primary server. | string |
primaryUserAssignedIdentityId | Resource Id for the User assigned identity to be used for data encryption for primary server. | string |
type | Data encryption type to depict if it is System Managed vs Azure Key vault. | 'AzureKeyVault' 'SystemManaged' |
HighAvailability
Name | Description | Value |
---|---|---|
mode | The HA mode for the server. | 'Disabled' 'SameZone' 'ZoneRedundant' |
standbyAvailabilityZone | availability zone information of the standby. | string |
MaintenanceWindow
Name | Description | Value |
---|---|---|
customWindow | indicates whether custom window is enabled or disabled | string |
dayOfWeek | day of week for maintenance window | int |
startHour | start hour for maintenance window | int |
startMinute | start minute for maintenance window | int |
Microsoft.DBforPostgreSQL/flexibleServers
Name | Description | Value |
---|---|---|
apiVersion | The api version | '2022-12-01' |
identity | Describes the identity of the application. | UserAssignedIdentity |
location | The geo-location where the resource lives | string (required) |
name | The resource name | string Constraints: Min length = 3 Max length = 3 Pattern = ^[a-zA-Z0-9]+(-[a-zA-Z0-9]+)* (required) |
properties | Properties of the server. | ServerProperties |
sku | The SKU (pricing tier) of the server. | Sku |
tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
type | The resource type | 'Microsoft.DBforPostgreSQL/flexibleServers' |
Network
Name | Description | Value |
---|---|---|
delegatedSubnetResourceId | Delegated subnet arm resource id. This is required to be passed during create, in case we want the server to be VNET injected, i.e. Private access server. During update, pass this only if we want to update the value for Private DNS zone. | string |
privateDnsZoneArmResourceId | Private dns zone arm resource id. This is required to be passed during create, in case we want the server to be VNET injected, i.e. Private access server. During update, pass this only if we want to update the value for Private DNS zone. | string |
ServerProperties
Name | Description | Value |
---|---|---|
administratorLogin | The administrator's login name of a server. Can only be specified when the server is being created (and is required for creation). | string |
administratorLoginPassword | The administrator login password (required for server creation). | string Constraints: Sensitive value. Pass in as a secure parameter. |
authConfig | AuthConfig properties of a server. | AuthConfig |
availabilityZone | availability zone information of the server. | string |
backup | Backup properties of a server. | Backup |
createMode | The mode to create a new PostgreSQL server. | 'Create' 'Default' 'GeoRestore' 'PointInTimeRestore' 'Replica' 'Update' |
dataEncryption | Data encryption properties of a server. | DataEncryption |
highAvailability | High availability properties of a server. | HighAvailability |
maintenanceWindow | Maintenance window properties of a server. | MaintenanceWindow |
network | Network properties of a server. This Network property is required to be passed only in case you want the server to be Private access server. | Network |
pointInTimeUTC | Restore point creation time (ISO8601 format), specifying the time to restore from. It's required when 'createMode' is 'PointInTimeRestore' or 'GeoRestore'. | string |
replicationRole | Replication role of the server | 'AsyncReplica' 'GeoAsyncReplica' 'None' 'Primary' |
sourceServerResourceId | The source server resource ID to restore from. It's required when 'createMode' is 'PointInTimeRestore' or 'GeoRestore' or 'Replica'. This property is returned only for Replica server | string |
storage | Storage properties of a server. | Storage |
version | PostgreSQL Server version. | '11' '12' '13' '14' |
Sku
Name | Description | Value |
---|---|---|
name | The name of the sku, typically, tier + family + cores, e.g. Standard_D4s_v3. | string (required) |
tier | The tier of the particular SKU, e.g. Burstable. | 'Burstable' 'GeneralPurpose' 'MemoryOptimized' (required) |
Storage
Name | Description | Value |
---|---|---|
storageSizeGB | Max storage allowed for a server. | int |
TrackedResourceTags
Name | Description | Value |
---|
UserAssignedIdentity
Name | Description | Value |
---|---|---|
type | the types of identities associated with this resource; currently restricted to 'None and UserAssigned' | 'None' 'UserAssigned' (required) |
userAssignedIdentities | represents user assigned identities map. | UserAssignedIdentityMap |
UserAssignedIdentityMap
Name | Description | Value |
---|
UserIdentity
Name | Description | Value |
---|---|---|
clientId | the client identifier of the Service Principal which this identity represents. | string |
principalId | the object identifier of the Service Principal which this identity represents. | string |
Quickstart templates
The following quickstart templates deploy this resource type.
Template | Description |
---|---|
Create PgFlex server & enable protection via Backup Vault |
Template that creates a PostgreSQL Flexible Server and enables protection via Backup Vault |
Deploy Azure Database for PostgreSQL (flexible) with AAD |
This template provides a way to deploy a Flexible server Azure database for PostgreSQL with AAD integration. |
Deploy Azure Database for PostgreSQL (flexible) with VNet |
This template provides a way to deploy a Flexible server Azure database for PostgreSQL with VNet integration. |
SonarQube on Web App with PostgreSQL and VNet integration |
This template provides easy to deploy SonarQube to Web App on Linux with PostgreSQL Flexible Server, VNet integration and private DNS. |
Terraform (AzAPI provider) resource definition
The flexibleServers resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.DBforPostgreSQL/flexibleServers resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01"
name = "string"
identity = {
type = "string"
userAssignedIdentities = {
{customized property} = {
clientId = "string"
principalId = "string"
}
}
}
location = "string"
sku = {
name = "string"
tier = "string"
}
tags = {
{customized property} = "string"
}
body = jsonencode({
properties = {
administratorLogin = "string"
administratorLoginPassword = "string"
authConfig = {
activeDirectoryAuth = "string"
passwordAuth = "string"
tenantId = "string"
}
availabilityZone = "string"
backup = {
backupRetentionDays = int
geoRedundantBackup = "string"
}
createMode = "string"
dataEncryption = {
primaryKeyURI = "string"
primaryUserAssignedIdentityId = "string"
type = "string"
}
highAvailability = {
mode = "string"
standbyAvailabilityZone = "string"
}
maintenanceWindow = {
customWindow = "string"
dayOfWeek = int
startHour = int
startMinute = int
}
network = {
delegatedSubnetResourceId = "string"
privateDnsZoneArmResourceId = "string"
}
pointInTimeUTC = "string"
replicationRole = "string"
sourceServerResourceId = "string"
storage = {
storageSizeGB = int
}
version = "string"
}
})
}
Property values
AuthConfig
Name | Description | Value |
---|---|---|
activeDirectoryAuth | If Enabled, Azure Active Directory authentication is enabled. | 'Disabled' 'Enabled' |
passwordAuth | If Enabled, Password authentication is enabled. | 'Disabled' 'Enabled' |
tenantId | Tenant id of the server. | string |
Backup
Name | Description | Value |
---|---|---|
backupRetentionDays | Backup retention days for the server. | int |
geoRedundantBackup | A value indicating whether Geo-Redundant backup is enabled on the server. | 'Disabled' 'Enabled' |
DataEncryption
Name | Description | Value |
---|---|---|
primaryKeyURI | URI for the key for data encryption for primary server. | string |
primaryUserAssignedIdentityId | Resource Id for the User assigned identity to be used for data encryption for primary server. | string |
type | Data encryption type to depict if it is System Managed vs Azure Key vault. | 'AzureKeyVault' 'SystemManaged' |
HighAvailability
Name | Description | Value |
---|---|---|
mode | The HA mode for the server. | 'Disabled' 'SameZone' 'ZoneRedundant' |
standbyAvailabilityZone | availability zone information of the standby. | string |
MaintenanceWindow
Name | Description | Value |
---|---|---|
customWindow | indicates whether custom window is enabled or disabled | string |
dayOfWeek | day of week for maintenance window | int |
startHour | start hour for maintenance window | int |
startMinute | start minute for maintenance window | int |
Microsoft.DBforPostgreSQL/flexibleServers
Name | Description | Value |
---|---|---|
identity | Describes the identity of the application. | UserAssignedIdentity |
location | The geo-location where the resource lives | string (required) |
name | The resource name | string Constraints: Min length = 3 Max length = 3 Pattern = ^[a-zA-Z0-9]+(-[a-zA-Z0-9]+)* (required) |
properties | Properties of the server. | ServerProperties |
sku | The SKU (pricing tier) of the server. | Sku |
tags | Resource tags | Dictionary of tag names and values. |
type | The resource type | "Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01" |
Network
Name | Description | Value |
---|---|---|
delegatedSubnetResourceId | Delegated subnet arm resource id. This is required to be passed during create, in case we want the server to be VNET injected, i.e. Private access server. During update, pass this only if we want to update the value for Private DNS zone. | string |
privateDnsZoneArmResourceId | Private dns zone arm resource id. This is required to be passed during create, in case we want the server to be VNET injected, i.e. Private access server. During update, pass this only if we want to update the value for Private DNS zone. | string |
ServerProperties
Name | Description | Value |
---|---|---|
administratorLogin | The administrator's login name of a server. Can only be specified when the server is being created (and is required for creation). | string |
administratorLoginPassword | The administrator login password (required for server creation). | string Constraints: Sensitive value. Pass in as a secure parameter. |
authConfig | AuthConfig properties of a server. | AuthConfig |
availabilityZone | availability zone information of the server. | string |
backup | Backup properties of a server. | Backup |
createMode | The mode to create a new PostgreSQL server. | 'Create' 'Default' 'GeoRestore' 'PointInTimeRestore' 'Replica' 'Update' |
dataEncryption | Data encryption properties of a server. | DataEncryption |
highAvailability | High availability properties of a server. | HighAvailability |
maintenanceWindow | Maintenance window properties of a server. | MaintenanceWindow |
network | Network properties of a server. This Network property is required to be passed only in case you want the server to be Private access server. | Network |
pointInTimeUTC | Restore point creation time (ISO8601 format), specifying the time to restore from. It's required when 'createMode' is 'PointInTimeRestore' or 'GeoRestore'. | string |
replicationRole | Replication role of the server | 'AsyncReplica' 'GeoAsyncReplica' 'None' 'Primary' |
sourceServerResourceId | The source server resource ID to restore from. It's required when 'createMode' is 'PointInTimeRestore' or 'GeoRestore' or 'Replica'. This property is returned only for Replica server | string |
storage | Storage properties of a server. | Storage |
version | PostgreSQL Server version. | '11' '12' '13' '14' |
Sku
Name | Description | Value |
---|---|---|
name | The name of the sku, typically, tier + family + cores, e.g. Standard_D4s_v3. | string (required) |
tier | The tier of the particular SKU, e.g. Burstable. | 'Burstable' 'GeneralPurpose' 'MemoryOptimized' (required) |
Storage
Name | Description | Value |
---|---|---|
storageSizeGB | Max storage allowed for a server. | int |
TrackedResourceTags
Name | Description | Value |
---|
UserAssignedIdentity
Name | Description | Value |
---|---|---|
type | the types of identities associated with this resource; currently restricted to 'None and UserAssigned' | 'None' 'UserAssigned' (required) |
userAssignedIdentities | represents user assigned identities map. | UserAssignedIdentityMap |
UserAssignedIdentityMap
Name | Description | Value |
---|
UserIdentity
Name | Description | Value |
---|---|---|
clientId | the client identifier of the Service Principal which this identity represents. | string |
principalId | the object identifier of the Service Principal which this identity represents. | string |