Add ability to authenticate against Azure Active Directory
It'd be really useful to not have to rely on DB users for authentication but allow integration with AAD. That way we can enforce password complexity, expiry etc which can't be done with native users.
Azure AD Integration for PostgreSQL is available in Public Preview:
Richard Smith commented
Active Directory authentication is now in public preview for the PaaS offering Azure Database for PostgreSQL -- single server.
The current support requires the user or application to acquire an access token to login.
Hi, Please can MS provide an update on what is being reviewed / worked on. Will this be available for PaaS or PaaS and IaaS offerings of PostgreSQL?
Mike Lewis commented
Our company cannot currently consume PostgreSQL because it does not integrate with Azure Active Directory. Since our strategy is PaaS over IaaS, we have selected a different platform service that does integrate with Active Directory, although PostgreSQL would have been more optimal.
Muhammad Umer Waqas commented
Is there any way to authenticate PostgreSQL Database using Azure Active Directory?
Tera Byte commented
Many companies use Active Directory to manage users and groups. Naturally, most companies would want to manage their database users and groups in Active Directory too. PostgreSQL comes with ldap/kerberos authentication by default but does not provide anything that helps with managing users and groups in an external directory. And even for the authentication the user already needs to be existent in PostgreSQL. Ideally an AD admin should be able to create a group for pg_admins and pg_users in AD. Users in those groups should be able to authenticate against postgres without having to add a username and pw entry on the db itself. Similar to SQL server. OR (I’m not sure if this is possible) adding RBAC users to the db instance in Azure Portal should add the user to the db and user-password syncs should happen between AD and the db. This would allow those admins to enforce password complexity, set password expiry rules, and simplify management of db users overall for operational teams.
Guys, seriously - give Win-based companies the tool to manage their users. When the staff is more than 100 people it becomes hard to support access rights without AD/AAD and they would be stone-sitting on SQL Servers...
Sunil Agarwal commented
Chris, thanks for interest. AAD investigation started late 2018. We are working on AAD integration for OSS databases. We don't have strict timelines for private/public/GA. I will be happy to talk to you to understand your requirements to unblock.
Riccardo Klinger commented
now it is end of 2018. is there any new insight regarding adding AAD to Azure Database fr PostgreSQL?