Add ability to authenticate against Azure Active Directory
It'd be really useful to not have to rely on DB users for authentication but allow integration with AAD. That way we can enforce password complexity, expiry etc which can't be done with native users.
Tera Byte commented
Many companies use Active Directory to manage users and groups. Naturally, most companies would want to manage their database users and groups in Active Directory too. PostgreSQL comes with ldap/kerberos authentication by default but does not provide anything that helps with managing users and groups in an external directory. And even for the authentication the user already needs to be existent in PostgreSQL. Ideally an AD admin should be able to create a group for pg_admins and pg_users in AD. Users in those groups should be able to authenticate against postgres without having to add a username and pw entry on the db itself. Similar to SQL server. OR (I’m not sure if this is possible) adding RBAC users to the db instance in Azure Portal should add the user to the db and user-password syncs should happen between AD and the db. This would allow those admins to enforce password complexity, set password expiry rules, and simplify management of db users overall for operational teams.
Guys, seriously - give Win-based companies the tool to manage their users. When the staff is more than 100 people it becomes hard to support access rights without AD/AAD and they would be stone-sitting on SQL Servers...
Sunil Agarwal commented
Chris, thanks for interest. AAD investigation started late 2018. We are working on AAD integration for OSS databases. We don't have strict timelines for private/public/GA. I will be happy to talk to you to understand your requirements to unblock.
Riccardo Klinger commented
now it is end of 2018. is there any new insight regarding adding AAD to Azure Database fr PostgreSQL?