0xMH
commented
3 months ago Is this related to https://github.com/cyrilgdn/terraform-provider-postgresql/issues/385?
Closed Teabeats closed 2 months ago
0xMH
commented
3 months ago Is this related to https://github.com/cyrilgdn/terraform-provider-postgresql/issues/385?
Teabeats
commented
3 months ago Is this related to #385?
No that issues is only related to using a service principle with the provider, this functionality allows to create new identity based logins/roles similar to azurerm_postgresql_flexible_server_active_directory_administrator, but for non-admins (eg workloads). It does required the provider to be used with an actual "flexible server active directory" administrator.
Teabeats
commented
3 months ago @cyrilgdn what is needed to pass the expected tests?
scrocquesel
commented
2 months ago I guess this is already covered in a more generic way with #365
Teabeats
commented
2 months ago I guess this is already covered in a more generic way with #365
Agree and thanks for mentioning, that is a much better solution. My PR started out using the first option in de ms docs using select * from pgaadauth_create_principal_with_oid and later changed to directly setting the security label. https://github.com/cyrilgdn/terraform-provider-postgresql/pull/365 has been open since oktober, wonder why?
Closing this PR in favour of https://github.com/cyrilgdn/terraform-provider-postgresql/pull/365 !
This is an Azure (PostgreSQL Flexible Server) specific addition to the role resource which allows to create roles and "assign" to them an Azure managed identity.
More details can be found here: https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/how-to-manage-azure-ad-users
Note: there are some additional features available like setting an admin or MFA flag which can be added easily if there is demand, but are left out to keep this PR and the list of options clean for now.