{"id":41079,"date":"2022-12-03T00:19:52","date_gmt":"2022-12-03T07:19:52","guid":{"rendered":"https:\/\/devblogs.microsoft.com\/premier-developer\/?p=41079"},"modified":"2022-12-01T07:40:32","modified_gmt":"2022-12-01T14:40:32","slug":"introduce-rbac-in-postgresql-flexible-server","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/premier-developer\/introduce-rbac-in-postgresql-flexible-server\/","title":{"rendered":"Introduce RBAC in PostgreSQL Flexible Server"},"content":{"rendered":"<p><a href=\"https:\/\/www.linkedin.com\/in\/ptian\/\">Pete Tian<\/a> spotlights RBAC for PostgreSQL Flexible Server.<\/p>\n<hr \/>\n<p><a href=\"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-content\/uploads\/sites\/31\/2022\/12\/RBACinPostgeSQL.png\"><img decoding=\"async\" class=\"alignnone size-full wp-image-41081\" src=\"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-content\/uploads\/sites\/31\/2022\/12\/RBACinPostgeSQL.png\" alt=\"Image RBACinPostgeSQL\" width=\"1308\" height=\"600\" srcset=\"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-content\/uploads\/sites\/31\/2022\/12\/RBACinPostgeSQL.png 1308w, https:\/\/devblogs.microsoft.com\/premier-developer\/wp-content\/uploads\/sites\/31\/2022\/12\/RBACinPostgeSQL-300x138.png 300w, https:\/\/devblogs.microsoft.com\/premier-developer\/wp-content\/uploads\/sites\/31\/2022\/12\/RBACinPostgeSQL-1024x470.png 1024w, https:\/\/devblogs.microsoft.com\/premier-developer\/wp-content\/uploads\/sites\/31\/2022\/12\/RBACinPostgeSQL-768x352.png 768w\" sizes=\"(max-width: 1308px) 100vw, 1308px\" \/><\/a><\/p>\n<p class=\"reader-text-block__paragraph\">As more enterprises modernize identity management by using\u00a0<a href=\"https:\/\/en.wikipedia.org\/wiki\/Role-based_access_control\">RBAC<\/a>\u00a0and simply authentication with\u00a0<a href=\"https:\/\/en.wikipedia.org\/wiki\/Single_sign-on\">Single Sign-On<\/a>, the efforts of maintaining separate sets of username\/password for every legacy database instance is still excessive operational overhead that is considerable for IT admins. Even worse, once the databases migrated to public cloud with public IP exposure, the legacy identity management system became a security nightmare.<\/p>\n<p class=\"reader-text-block__paragraph\">The voice demanding integration of RBAC \/ RDBMS access management has been crescendo in recent years, and finally a solution from Microsoft looks promising. Early this year Microsoft announced\u00a0<a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/active-directory\/fundamentals\/active-directory-whatis\">Azure Active Directory<\/a>\u00a0for authentication with PostgresSQL Flexible Server in\u00a0<a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/postgresql\/flexible-server\/how-to-configure-sign-in-azure-ad-authentication#code-try-3\">public preview<\/a>.<\/p>\n<p class=\"reader-text-block__paragraph\">In this blog, I am going to demo how to create a RBAC enabled PostgreSQL Flex Server instance in Azure, then test the DB connection in Linux shell interface and <a href=\"https:\/\/www.pgadmin.org\/download\/\">pgAdmin<\/a>\u00a0client through LDAP id and access token, rather than using traditional username password pair.<\/p>\n<p>Check out Pete&#8217;s full post <a href=\"https:\/\/www.linkedin.com\/pulse\/lets-try-azure-active-directory-authentication-postgresql-pete-tian\/\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Pete Tian spotlights RBAC for PostgreSQL Flexible Server. As more enterprises modernize identity management by using\u00a0RBAC\u00a0and simply authentication with\u00a0Single Sign-On, the efforts of maintaining separate sets of username\/password for every legacy database instance is still excessive operational overhead that is considerable for IT admins. Even worse, once the databases migrated to public cloud with public [&hellip;]<\/p>\n","protected":false},"author":582,"featured_media":41080,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[25,8],"tags":[303,10636],"class_list":["post-41079","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azure","category-data","tag-postgresql","tag-rbac"],"acf":[],"blog_post_summary":"<p>Pete Tian spotlights RBAC for PostgreSQL Flexible Server. As more enterprises modernize identity management by using\u00a0RBAC\u00a0and simply authentication with\u00a0Single Sign-On, the efforts of maintaining separate sets of username\/password for every legacy database instance is still excessive operational overhead that is considerable for IT admins. Even worse, once the databases migrated to public cloud with public [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/posts\/41079","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/users\/582"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/comments?post=41079"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/posts\/41079\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/media\/41080"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/media?parent=41079"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/categories?post=41079"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/tags?post=41079"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}