Clarify the purpose of `admin` parameter when adding security labels in Postgres Flexible Server

[jarpoole]

The example SQL command provided in the documentation includes the admin parameter but the documentation on the purpose of the parameters does not clarify what this is for and if it even needs to be included

Would be good to get the purpose of the admin parameter documented!

---

Document Details

⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.

• ID: c454ed0e-944b-2933-ff30-5969ff0de1c9
• Version Independent ID: 6f69997e-b534-e573-154d-7116e189d3c9
• Content: Manage Microsoft Entra users - Azure Database for PostgreSQL - Flexible Server
• Content Source: articles/postgresql/flexible-server/how-to-manage-azure-ad-users.md
• Service: postgresql
• Sub-service: flexible-server
• GitHub Login: @achudnovskij
• Microsoft Alias: anchudno

[TPavanBalaji]

@jarpoole Thanks for your feedback! We will investigate and update as appropriate.

[TPavanBalaji]

@jarpoole The admin parameter is a choice parameter that is applied to groups that are admin groups. If not, it can be omitted.

[ThomasShih]

Asking on behalf of the team here with @jarpoole!

If not, it can be omitted.

Thank you! We will omit this for our non admin security labels

@jarpoole The admin parameter is a choice parameter that is applied to groups that are admin groups.

To what capacity is this admin parameter related to the Microsoft Entra Admins within the azure blade for postgres flexible servers? Or is it a thing for Microsoft internal logic only and doesn't really affect us?

I noticed that when we create an Microsoft Entra Admin within the azure blade (or via terraform), a security label is created with this admin parameter. But I don't think an Microsoft Entra Admin is created when a security label is made via the sql command with admin.

[jarpoole]

Just commenting here to make sure the ticket shows we've responded. @ThomasShih has summarized the question really well? What exactly does admin mean in this context? It certainly doesn't mean admin/superuser as far as Postgres is concerned because that is reserved for the azuresu role provisioned by microsoft only.

[TPavanBalaji]

@jarpoole @ThomasShih Thank you for your feedback! Since this issue isn't directly related to improving our docs, and to gain a better understanding of your issue, I'd recommend working closer with our support team via an Azure support request. Or you can leverage our Q&A forum by posting your issue there so our community, and MVPs can further assist you in troubleshooting this issue or finding potential workarounds. Teams Q&A forum for technical questions about the configuration and administration of Microsoft Teams on Windows. Microsoft Teams Community forum Thank you for your time and patience throughout this issue.

[TPavanBalaji]

@jarpoole We are going to close this thread as resolved but if there are any further questions regarding the documentation, please tag me in your reply and we will be happy to continue the conversation.

[ThomasShih]

@TPavanBalaji it would be really nice for this admin to be documented! As a dev who is trying to create security labels with entra, we should be able to go to the docs to understand what it means. It is especially confusing when we are specifically trying to not add an admin label to a role but see the admin in the recommended command.

Can you please open a ticket up for documenting this at the very least? Thank you!

[TPavanBalaji]

@jarpoole @ThomasShih Thank you for bringing this to our attention. I've delegated this to content author, who will review it and offer their insightful opinions.

[nachoalonsoportillo]

@jarpoole @ThomasShih Thanks for having created this issue. I have just updated the article to explain what is the purpose of admin in the security label.

[nachoalonsoportillo]

please-close