Microsoft.DBforPostgreSQL flexibleServers 2022-12-01

Bicep resource definition

The flexibleServers resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.DBforPostgreSQL/flexibleServers resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' = {
  identity: {
    type: 'string'
    userAssignedIdentities: {
      {customized property}: {
        clientId: 'string'
        principalId: 'string'
      }
    }
  }
  location: 'string'
  name: 'string'
  properties: {
    administratorLogin: 'string'
    administratorLoginPassword: 'string'
    authConfig: {
      activeDirectoryAuth: 'string'
      passwordAuth: 'string'
      tenantId: 'string'
    }
    availabilityZone: 'string'
    backup: {
      backupRetentionDays: int
      geoRedundantBackup: 'string'
    }
    createMode: 'string'
    dataEncryption: {
      primaryKeyURI: 'string'
      primaryUserAssignedIdentityId: 'string'
      type: 'string'
    }
    highAvailability: {
      mode: 'string'
      standbyAvailabilityZone: 'string'
    }
    maintenanceWindow: {
      customWindow: 'string'
      dayOfWeek: int
      startHour: int
      startMinute: int
    }
    network: {
      delegatedSubnetResourceId: 'string'
      privateDnsZoneArmResourceId: 'string'
    }
    pointInTimeUTC: 'string'
    replicationRole: 'string'
    sourceServerResourceId: 'string'
    storage: {
      storageSizeGB: int
    }
    version: 'string'
  }
  sku: {
    name: 'string'
    tier: 'string'
  }
  tags: {
    {customized property}: 'string'
  }
}

Property values

AuthConfig

Name Description Value
activeDirectoryAuth If Enabled, Azure Active Directory authentication is enabled. 'Disabled'
'Enabled'
passwordAuth If Enabled, Password authentication is enabled. 'Disabled'
'Enabled'
tenantId Tenant id of the server. string

Backup

Name Description Value
backupRetentionDays Backup retention days for the server. int
geoRedundantBackup A value indicating whether Geo-Redundant backup is enabled on the server. 'Disabled'
'Enabled'

DataEncryption

Name Description Value
primaryKeyURI URI for the key for data encryption for primary server. string
primaryUserAssignedIdentityId Resource Id for the User assigned identity to be used for data encryption for primary server. string
type Data encryption type to depict if it is System Managed vs Azure Key vault. 'AzureKeyVault'
'SystemManaged'

HighAvailability

Name Description Value
mode The HA mode for the server. 'Disabled'
'SameZone'
'ZoneRedundant'
standbyAvailabilityZone availability zone information of the standby. string

MaintenanceWindow

Name Description Value
customWindow indicates whether custom window is enabled or disabled string
dayOfWeek day of week for maintenance window int
startHour start hour for maintenance window int
startMinute start minute for maintenance window int

Microsoft.DBforPostgreSQL/flexibleServers

Name Description Value
identity Describes the identity of the application. UserAssignedIdentity
location The geo-location where the resource lives string (required)
name The resource name string

Constraints:
Min length = 3
Max length = 3
Pattern = ^[a-zA-Z0-9]+(-[a-zA-Z0-9]+)* (required)
properties Properties of the server. ServerProperties
sku The SKU (pricing tier) of the server. Sku
tags Resource tags Dictionary of tag names and values. See Tags in templates

Network

Name Description Value
delegatedSubnetResourceId Delegated subnet arm resource id. This is required to be passed during create, in case we want the server to be VNET injected, i.e. Private access server. During update, pass this only if we want to update the value for Private DNS zone. string
privateDnsZoneArmResourceId Private dns zone arm resource id. This is required to be passed during create, in case we want the server to be VNET injected, i.e. Private access server. During update, pass this only if we want to update the value for Private DNS zone. string

ServerProperties

Name Description Value
administratorLogin The administrator's login name of a server. Can only be specified when the server is being created (and is required for creation). string
administratorLoginPassword The administrator login password (required for server creation). string

Constraints:
Sensitive value. Pass in as a secure parameter.
authConfig AuthConfig properties of a server. AuthConfig
availabilityZone availability zone information of the server. string
backup Backup properties of a server. Backup
createMode The mode to create a new PostgreSQL server. 'Create'
'Default'
'GeoRestore'
'PointInTimeRestore'
'Replica'
'Update'
dataEncryption Data encryption properties of a server. DataEncryption
highAvailability High availability properties of a server. HighAvailability
maintenanceWindow Maintenance window properties of a server. MaintenanceWindow
network Network properties of a server. This Network property is required to be passed only in case you want the server to be Private access server. Network
pointInTimeUTC Restore point creation time (ISO8601 format), specifying the time to restore from. It's required when 'createMode' is 'PointInTimeRestore' or 'GeoRestore'. string
replicationRole Replication role of the server 'AsyncReplica'
'GeoAsyncReplica'
'None'
'Primary'
sourceServerResourceId The source server resource ID to restore from. It's required when 'createMode' is 'PointInTimeRestore' or 'GeoRestore' or 'Replica'. This property is returned only for Replica server string
storage Storage properties of a server. Storage
version PostgreSQL Server version. '11'
'12'
'13'
'14'

Sku

Name Description Value
name The name of the sku, typically, tier + family + cores, e.g. Standard_D4s_v3. string (required)
tier The tier of the particular SKU, e.g. Burstable. 'Burstable'
'GeneralPurpose'
'MemoryOptimized' (required)

Storage

Name Description Value
storageSizeGB Max storage allowed for a server. int

TrackedResourceTags

Name Description Value

UserAssignedIdentity

Name Description Value
type the types of identities associated with this resource; currently restricted to 'None and UserAssigned' 'None'
'UserAssigned' (required)
userAssignedIdentities represents user assigned identities map. UserAssignedIdentityMap

UserAssignedIdentityMap

Name Description Value

UserIdentity

Name Description Value
clientId the client identifier of the Service Principal which this identity represents. string
principalId the object identifier of the Service Principal which this identity represents. string

Quickstart samples

The following quickstart samples deploy this resource type.

Bicep File Description
Create PgFlex server & enable protection via Backup Vault Template that creates a PostgreSQL Flexible Server and enables protection via Backup Vault
Deploy Azure Database for PostgreSQL (flexible) with AAD This template provides a way to deploy a Flexible server Azure database for PostgreSQL with AAD integration.
Deploy Azure Database for PostgreSQL (flexible) with VNet This template provides a way to deploy a Flexible server Azure database for PostgreSQL with VNet integration.
SonarQube on Web App with PostgreSQL and VNet integration This template provides easy to deploy SonarQube to Web App on Linux with PostgreSQL Flexible Server, VNet integration and private DNS.

ARM template resource definition

The flexibleServers resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.DBforPostgreSQL/flexibleServers resource, add the following JSON to your template.

{
  "type": "Microsoft.DBforPostgreSQL/flexibleServers",
  "apiVersion": "2022-12-01",
  "name": "string",
  "identity": {
    "type": "string",
    "userAssignedIdentities": {
      "{customized property}": {
        "clientId": "string",
        "principalId": "string"
      }
    }
  },
  "location": "string",
  "properties": {
    "administratorLogin": "string",
    "administratorLoginPassword": "string",
    "authConfig": {
      "activeDirectoryAuth": "string",
      "passwordAuth": "string",
      "tenantId": "string"
    },
    "availabilityZone": "string",
    "backup": {
      "backupRetentionDays": "int",
      "geoRedundantBackup": "string"
    },
    "createMode": "string",
    "dataEncryption": {
      "primaryKeyURI": "string",
      "primaryUserAssignedIdentityId": "string",
      "type": "string"
    },
    "highAvailability": {
      "mode": "string",
      "standbyAvailabilityZone": "string"
    },
    "maintenanceWindow": {
      "customWindow": "string",
      "dayOfWeek": "int",
      "startHour": "int",
      "startMinute": "int"
    },
    "network": {
      "delegatedSubnetResourceId": "string",
      "privateDnsZoneArmResourceId": "string"
    },
    "pointInTimeUTC": "string",
    "replicationRole": "string",
    "sourceServerResourceId": "string",
    "storage": {
      "storageSizeGB": "int"
    },
    "version": "string"
  },
  "sku": {
    "name": "string",
    "tier": "string"
  },
  "tags": {
    "{customized property}": "string"
  }
}

Property values

AuthConfig

Name Description Value
activeDirectoryAuth If Enabled, Azure Active Directory authentication is enabled. 'Disabled'
'Enabled'
passwordAuth If Enabled, Password authentication is enabled. 'Disabled'
'Enabled'
tenantId Tenant id of the server. string

Backup

Name Description Value
backupRetentionDays Backup retention days for the server. int
geoRedundantBackup A value indicating whether Geo-Redundant backup is enabled on the server. 'Disabled'
'Enabled'

DataEncryption

Name Description Value
primaryKeyURI URI for the key for data encryption for primary server. string
primaryUserAssignedIdentityId Resource Id for the User assigned identity to be used for data encryption for primary server. string
type Data encryption type to depict if it is System Managed vs Azure Key vault. 'AzureKeyVault'
'SystemManaged'

HighAvailability

Name Description Value
mode The HA mode for the server. 'Disabled'
'SameZone'
'ZoneRedundant'
standbyAvailabilityZone availability zone information of the standby. string

MaintenanceWindow

Name Description Value
customWindow indicates whether custom window is enabled or disabled string
dayOfWeek day of week for maintenance window int
startHour start hour for maintenance window int
startMinute start minute for maintenance window int

Microsoft.DBforPostgreSQL/flexibleServers

Name Description Value
apiVersion The api version '2022-12-01'
identity Describes the identity of the application. UserAssignedIdentity
location The geo-location where the resource lives string (required)
name The resource name string

Constraints:
Min length = 3
Max length = 3
Pattern = ^[a-zA-Z0-9]+(-[a-zA-Z0-9]+)* (required)
properties Properties of the server. ServerProperties
sku The SKU (pricing tier) of the server. Sku
tags Resource tags Dictionary of tag names and values. See Tags in templates
type The resource type 'Microsoft.DBforPostgreSQL/flexibleServers'

Network

Name Description Value
delegatedSubnetResourceId Delegated subnet arm resource id. This is required to be passed during create, in case we want the server to be VNET injected, i.e. Private access server. During update, pass this only if we want to update the value for Private DNS zone. string
privateDnsZoneArmResourceId Private dns zone arm resource id. This is required to be passed during create, in case we want the server to be VNET injected, i.e. Private access server. During update, pass this only if we want to update the value for Private DNS zone. string

ServerProperties

Name Description Value
administratorLogin The administrator's login name of a server. Can only be specified when the server is being created (and is required for creation). string
administratorLoginPassword The administrator login password (required for server creation). string

Constraints:
Sensitive value. Pass in as a secure parameter.
authConfig AuthConfig properties of a server. AuthConfig
availabilityZone availability zone information of the server. string
backup Backup properties of a server. Backup
createMode The mode to create a new PostgreSQL server. 'Create'
'Default'
'GeoRestore'
'PointInTimeRestore'
'Replica'
'Update'
dataEncryption Data encryption properties of a server. DataEncryption
highAvailability High availability properties of a server. HighAvailability
maintenanceWindow Maintenance window properties of a server. MaintenanceWindow
network Network properties of a server. This Network property is required to be passed only in case you want the server to be Private access server. Network
pointInTimeUTC Restore point creation time (ISO8601 format), specifying the time to restore from. It's required when 'createMode' is 'PointInTimeRestore' or 'GeoRestore'. string
replicationRole Replication role of the server 'AsyncReplica'
'GeoAsyncReplica'
'None'
'Primary'
sourceServerResourceId The source server resource ID to restore from. It's required when 'createMode' is 'PointInTimeRestore' or 'GeoRestore' or 'Replica'. This property is returned only for Replica server string
storage Storage properties of a server. Storage
version PostgreSQL Server version. '11'
'12'
'13'
'14'

Sku

Name Description Value
name The name of the sku, typically, tier + family + cores, e.g. Standard_D4s_v3. string (required)
tier The tier of the particular SKU, e.g. Burstable. 'Burstable'
'GeneralPurpose'
'MemoryOptimized' (required)

Storage

Name Description Value
storageSizeGB Max storage allowed for a server. int

TrackedResourceTags

Name Description Value

UserAssignedIdentity

Name Description Value
type the types of identities associated with this resource; currently restricted to 'None and UserAssigned' 'None'
'UserAssigned' (required)
userAssignedIdentities represents user assigned identities map. UserAssignedIdentityMap

UserAssignedIdentityMap

Name Description Value

UserIdentity

Name Description Value
clientId the client identifier of the Service Principal which this identity represents. string
principalId the object identifier of the Service Principal which this identity represents. string

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Create PgFlex server & enable protection via Backup Vault

Deploy to Azure
Template that creates a PostgreSQL Flexible Server and enables protection via Backup Vault
Deploy Azure Database for PostgreSQL (flexible) with AAD

Deploy to Azure
This template provides a way to deploy a Flexible server Azure database for PostgreSQL with AAD integration.
Deploy Azure Database for PostgreSQL (flexible) with VNet

Deploy to Azure
This template provides a way to deploy a Flexible server Azure database for PostgreSQL with VNet integration.
SonarQube on Web App with PostgreSQL and VNet integration

Deploy to Azure
This template provides easy to deploy SonarQube to Web App on Linux with PostgreSQL Flexible Server, VNet integration and private DNS.

Terraform (AzAPI provider) resource definition

The flexibleServers resource type can be deployed with operations that target:

  • Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.DBforPostgreSQL/flexibleServers resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01"
  name = "string"
  identity = {
    type = "string"
    userAssignedIdentities = {
      {customized property} = {
        clientId = "string"
        principalId = "string"
      }
    }
  }
  location = "string"
  sku = {
    name = "string"
    tier = "string"
  }
  tags = {
    {customized property} = "string"
  }
  body = jsonencode({
    properties = {
      administratorLogin = "string"
      administratorLoginPassword = "string"
      authConfig = {
        activeDirectoryAuth = "string"
        passwordAuth = "string"
        tenantId = "string"
      }
      availabilityZone = "string"
      backup = {
        backupRetentionDays = int
        geoRedundantBackup = "string"
      }
      createMode = "string"
      dataEncryption = {
        primaryKeyURI = "string"
        primaryUserAssignedIdentityId = "string"
        type = "string"
      }
      highAvailability = {
        mode = "string"
        standbyAvailabilityZone = "string"
      }
      maintenanceWindow = {
        customWindow = "string"
        dayOfWeek = int
        startHour = int
        startMinute = int
      }
      network = {
        delegatedSubnetResourceId = "string"
        privateDnsZoneArmResourceId = "string"
      }
      pointInTimeUTC = "string"
      replicationRole = "string"
      sourceServerResourceId = "string"
      storage = {
        storageSizeGB = int
      }
      version = "string"
    }
  })
}

Property values

AuthConfig

Name Description Value
activeDirectoryAuth If Enabled, Azure Active Directory authentication is enabled. 'Disabled'
'Enabled'
passwordAuth If Enabled, Password authentication is enabled. 'Disabled'
'Enabled'
tenantId Tenant id of the server. string

Backup

Name Description Value
backupRetentionDays Backup retention days for the server. int
geoRedundantBackup A value indicating whether Geo-Redundant backup is enabled on the server. 'Disabled'
'Enabled'

DataEncryption

Name Description Value
primaryKeyURI URI for the key for data encryption for primary server. string
primaryUserAssignedIdentityId Resource Id for the User assigned identity to be used for data encryption for primary server. string
type Data encryption type to depict if it is System Managed vs Azure Key vault. 'AzureKeyVault'
'SystemManaged'

HighAvailability

Name Description Value
mode The HA mode for the server. 'Disabled'
'SameZone'
'ZoneRedundant'
standbyAvailabilityZone availability zone information of the standby. string

MaintenanceWindow

Name Description Value
customWindow indicates whether custom window is enabled or disabled string
dayOfWeek day of week for maintenance window int
startHour start hour for maintenance window int
startMinute start minute for maintenance window int

Microsoft.DBforPostgreSQL/flexibleServers

Name Description Value
identity Describes the identity of the application. UserAssignedIdentity
location The geo-location where the resource lives string (required)
name The resource name string

Constraints:
Min length = 3
Max length = 3
Pattern = ^[a-zA-Z0-9]+(-[a-zA-Z0-9]+)* (required)
properties Properties of the server. ServerProperties
sku The SKU (pricing tier) of the server. Sku
tags Resource tags Dictionary of tag names and values.
type The resource type "Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01"

Network

Name Description Value
delegatedSubnetResourceId Delegated subnet arm resource id. This is required to be passed during create, in case we want the server to be VNET injected, i.e. Private access server. During update, pass this only if we want to update the value for Private DNS zone. string
privateDnsZoneArmResourceId Private dns zone arm resource id. This is required to be passed during create, in case we want the server to be VNET injected, i.e. Private access server. During update, pass this only if we want to update the value for Private DNS zone. string

ServerProperties

Name Description Value
administratorLogin The administrator's login name of a server. Can only be specified when the server is being created (and is required for creation). string
administratorLoginPassword The administrator login password (required for server creation). string

Constraints:
Sensitive value. Pass in as a secure parameter.
authConfig AuthConfig properties of a server. AuthConfig
availabilityZone availability zone information of the server. string
backup Backup properties of a server. Backup
createMode The mode to create a new PostgreSQL server. 'Create'
'Default'
'GeoRestore'
'PointInTimeRestore'
'Replica'
'Update'
dataEncryption Data encryption properties of a server. DataEncryption
highAvailability High availability properties of a server. HighAvailability
maintenanceWindow Maintenance window properties of a server. MaintenanceWindow
network Network properties of a server. This Network property is required to be passed only in case you want the server to be Private access server. Network
pointInTimeUTC Restore point creation time (ISO8601 format), specifying the time to restore from. It's required when 'createMode' is 'PointInTimeRestore' or 'GeoRestore'. string
replicationRole Replication role of the server 'AsyncReplica'
'GeoAsyncReplica'
'None'
'Primary'
sourceServerResourceId The source server resource ID to restore from. It's required when 'createMode' is 'PointInTimeRestore' or 'GeoRestore' or 'Replica'. This property is returned only for Replica server string
storage Storage properties of a server. Storage
version PostgreSQL Server version. '11'
'12'
'13'
'14'

Sku

Name Description Value
name The name of the sku, typically, tier + family + cores, e.g. Standard_D4s_v3. string (required)
tier The tier of the particular SKU, e.g. Burstable. 'Burstable'
'GeneralPurpose'
'MemoryOptimized' (required)

Storage

Name Description Value
storageSizeGB Max storage allowed for a server. int

TrackedResourceTags

Name Description Value

UserAssignedIdentity

Name Description Value
type the types of identities associated with this resource; currently restricted to 'None and UserAssigned' 'None'
'UserAssigned' (required)
userAssignedIdentities represents user assigned identities map. UserAssignedIdentityMap

UserAssignedIdentityMap

Name Description Value

UserIdentity

Name Description Value
clientId the client identifier of the Service Principal which this identity represents. string
principalId the object identifier of the Service Principal which this identity represents. string