Skip to main content

Deploy Azure Database for PostgreSQL using ARM template

Azure Database for PostgreSQL is a relational database service based on the open-source Postgres database engine. It's a fully managed service provided by Microsoft Azure. It offers mission-critical workloads with predictable performance, security, high availability and dynamic scalability. 

    It's available in two deployment options

  1. Single Server (supports vertical scale on demand)
  2. Hyperscale server (supports horizontal scale across machine using sharding) 

For this blog, we'll explore "Single Server" deployment only.

We'll also be looking into few integrations along with the deployment of Azure Database for PostgreSQL. These integration will include:

  1. Virtual Network integration for existing virtual network
  2. Diagnostics logs integration (generated logs to send across storage account and log analytics workspace and stream to event hub)
  3. Azure Active Directory User/group integration
  4. Key vault integration to store administrator password

Pre-requisites before running ARM template:

I would recommend to have below resources created already in your environment if it is not present right now before proceeding with deployment

  1. Azure Subscription
  2. Azure Resource Group (rg-postgresqlpoc)
  3. Virtual Network to integrate
  4. Storage account, Log Analytics Workspace and Event hub to integrate 
  5. Azure AD user/group integrate
  6. Key vault with secret to integrate

Our approach for various integrations is to use linked ARM template. Linked template refers to a separate template file that is referenced via a link from the main template.

So, there will be two .json template file and one .json parameter file.

Template file:

This is the child template calling the parent template under the variable "templateuri". When referencing a linked template, the value of uri must not be a local file or a file that is only available on your local network. You must provide a URI value that downloadable as http or https

Parameter file:



Once you have template and parameter file ready, you can either deploy it using Azure portal, PowerShell script. We'll use "Deploy a custom template" feature over Azure portal.

Step 1: Open Azure portal, search "Deploy a custom template"

Step 2: Load template and parameter file using "Edit template" and "Edit parameters" option respectively as shown in below screenshot




Step 3: Click "Next : Review + Create", it will run validation. Once validation succeed, you can see the message as per below screenshot:

Step 4: Click "Create" to create Azure Database for PostgreSQL with all integrations.

and, that's pretty much it!

Please note, I've done mainly all the integration in parent file uploaded at storage account and just using child template for key vault integration. 

Parent file includes AD integration, Diagnostic Logs integration and VNet integration whereas key vault integration is in child template file as shown in below screenshot.

AD Integration section in parent template file:

Diagnostics Logs Integration section in parent template file:

VNet Integration section in parent template file:

Key Vault Integration section in child template file:

Summary:

This complete deployment with all possible integrations took around 10-12 mins. only. This covered all aspects of deployment and design in this article. 

If you have any suggestions/feedback, please leave your comment below. Thanks!

Labels:

Comments

Post a Comment

Popular posts from this blog

Securing Azure Virtual Desktop

Introduction Azure Virtual Desktop (AVD) offers a powerful and flexible solution for delivering virtualized desktops and applications. However, like any cloud-based service, AVD requires robust cybersecurity measures to protect sensitive data and ensure business continuity. This post explores key cybersecurity best practices, security features, and strategies for securing your AVD environment. Understanding the Threat Landscape Before diving into specific security measures, it's crucial to understand the potential threats targeting AVD environments. These include: Malware:  Viruses, ransomware, and other malicious software can compromise virtual desktops and steal data. Phishing:  Attackers may use phishing emails or websites to trick users into revealing their credentials. Brute-force attacks:  Attackers may attempt to guess user passwords through automated attacks. Insider threats:  Malicious or negligent employees ca...
Post a Comment
Read more

Workload Protection with Microsoft Defender for Cloud

‘ Microsoft Defender for Cloud’ (previously known as Azure Security Center and Azure Defender) is a tool that strengthen your Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWP) . It protects your workload running in Azure, hybrid, or any other cloud platforms. In this blogpost, we will mainly focus on Cloud Workload Protection (CWP), which are typically agent-based workload-centric security protection solutions along with below topics. 1.                           Enable ‘ Microsoft Defender for Cloud ’ on your subscriptions 2.                           Enable Enhanced security features 3.                           Workload Protection a.       Dashboard coverage b. ...
Post a Comment
Read more

Azure Virtual Desktop: Empowering Remote Work for Businesses

A Beginner's Guide to Unlocking Productivity   In today’s fast-paced, digital world, remote work has become more than a convenience— it’s a necessity. For businesses, managing a remote workforce effectively can be challenging. Azure Virtual Desktop, a powerful tool from Microsoft designed to streamline remote work and supercharge productivity. But what is Azure Virtual Desktop, and why should businesses care? Let’s break it down.   What is Azure Virtual Desktop?   Azure Virtual Desktop (AVD) is a cloud-based service that allows businesses to set up and manage virtual desktops and applications for their employees. Imagine your desktop, complete with all your files and software, accessible from anywhere in the world as long as you have an internet connection. AVD gives you that capability, securely hosted on Microsoft’s reliable cloud infrastructure.   Benefits of Azure Virtual Desktop   Azure Virtual Desktop offers a range of benefits that make it especially a...
Post a Comment
Read more

Contact Form

Name

Email *

Message *