DB Wiki

User Tools

Site Tools

Trace:
postgresqlflexible

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
postgresqlflexible [2025/03/26 14:23] z0hpvkpostgresqlflexible [2025/03/26 14:58] (current) z0hpvk
Line 1: Line 1:
-==== Entra ID Authentication ====+===== Entra ID Authentication ===== 
 +[[https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/how-to-manage-azure-ad-users]] 
 +==== Logon ====
  
-<code>+<code powershell>
 az login az login
 az account get-access-token --resource-type oss-rdbms --output tsv --query accessToken az account get-access-token --resource-type oss-rdbms --output tsv --query accessToken
 $env:PGPASSWORD='<Access_Token>' $env:PGPASSWORD='<Access_Token>'
 psql "host=server.postgres.database.azure.com user=postgres_users dbname=postgres sslmode=require" psql "host=server.postgres.database.azure.com user=postgres_users dbname=postgres sslmode=require"
 +</code>
 +
 +==== Administration ====
 +<code postgresql>
 +-- Display all existing Entra principals
 +select * from pg_catalog.pgaadauth_list_principals(false);
 +
 +-- Add Entra principal to the server, "roleName" must match the name of an existing Entra principal
 +select * from pg_catalog.pgaadauth_create_principal(roleName text, isAdmin boolean, isMfa boolean)
 +select * from pg_catalog.pgaadauth_create_principal('postgres_users', false, false)
 +</code>
 +
 +<code postgresql>
 +-- Enable Microsoft Entra authentication for an existing PostgreSQL role
 +SECURITY LABEL for "pgaadauth" on role "postgres_admin" is 'aadauth,oid=<objectId>,type=<objectType>,admin';
 </code> </code>
postgresqlflexible.1742999025.txt.gz · Last modified: 2025/03/26 14:23 by z0hpvk