Azure Database for PostgreSQL is a relational database service based on the open-source Postgres database engine. It's a fully managed service provided by Microsoft Azure. It offers mission-critical workloads with predictable performance, security, high availability and dynamic scalability. 

It's available in two deployment options

  1. Single Server (supports vertical scale on demand)
  2. Hyperscale server (supports horizontal scale across machine using sharding)

For this blog, we'll explore "Single Server" deployment only.

We'll also be looking into few integrations along with the deployment of Azure Database for PostgreSQL. These integration will include:

  1. Virtual Network integration for existing virtual network
  2. Diagnostics logs integration (generated logs to send across storage account and log analytics workspace and stream to event hub)
  3. Azure Active Directory User/group integration
  4. Key vault integration to store administrator password

Pre-requisites before running ARM template:

I would recommend to have below resources created already in your environment if it is not present right now before proceeding with deployment

  1. Azure Subscription
  2. Azure Resource Group (rg-postgresqlpoc)
  3. Virtual Network to integrate
  4. Storage account, Log Analytics Workspace and Event hub to integrate 
  5. Azure AD user/group integrate
  6. Key vault with secret to integrate

Our approach for various integrations is to use linked ARM template. Linked template refers to a separate template file that is referenced via a link from the main template.

So, there will be two .json template file and one .json parameter file.

Template file:

This is the child template calling the parent template under the variable "templateuri". When referencing a linked template, the value of uri must not be a local file or a file that is only available on your local network. You must provide a URI value that downloadable as http or https

Parameter file:

Once you have template and parameter file ready, you can either deploy it using Azure portal, PowerShell script. We'll use "Deploy a custom template" feature over Azure portal.

Step 1: Open Azure portal, search "Deploy a custom template"

Step 2: Load template and parameter file using "Edit template" and "Edit parameters" option respectively as shown in below screenshot

Step 3: Click "Next : Review + Create", it will run validation. Once validation succeed, you can see the message as per below screenshot:

Step 4: Click "Create" to create Azure Database for PostgreSQL with all integrations.

and, that's pretty much it!

Please note, I've done mainly all the integration in parent file uploaded at storage account and just using child template for key vault integration. 

Parent file includes AD integration, Diagnostic Logs integration and VNet integration whereas key vault integration is in child template file as shown in below screenshot.

AD Integration section in parent template file:

Diagnostics Logs Integration section in parent template file:

VNet Integration section in parent template file:

Key Vault Integration section in child template file:


This complete deployment with all possible integrations took around 10-12 mins. only. This covered all aspects of deployment and design in this article.