> azure-postgres

Create new Azure Database for PostgreSQL Flexible Server instances and configure passwordless authentication with Microsoft Entra ID. Set up developer access, managed identities for apps, group-based permissions, and migrate from password-based to Entra ID authentication. Trigger phrases include "passwordless for postgres", "entra id postgres", "azure ad postgres authentication", "postgres managed identity", "migrate postgres to passwordless".


Azure Database for PostgreSQL

Configure passwordless authentication with Microsoft Entra ID for existing Azure Database for PostgreSQL Flexible Server. This skill focuses on setting up Entra ID authentication, managing user access, and migrating from password-based authentication.

Primary use cases:

  • Migrating existing PostgreSQL databases from password to Entra ID authentication
  • Setting up developer access with Azure identities
  • Configuring managed identity access for Azure-hosted applications
  • Managing group-based access control and permissions

MCP Tools (Preferred)

When Azure MCP is enabled, use these tools for PostgreSQL operations:

  • azure__postgres with command postgres_server_list - List PostgreSQL servers
  • azure__postgres with command postgres_database_list - List databases on a server
  • azure__postgres with command postgres_database_query - Execute SQL queries
  • azure__postgres with command postgres_server_param_get - Get server parameters
  • azure__postgres with command postgres_server_param_set - Set server parameters

CLI Commands (Fallback)

az postgres flexible-server list --output table
az postgres flexible-server db list --server-name SERVER -g RG
az postgres flexible-server show --name SERVER -g RG
az postgres flexible-server create --name SERVER -g RG --location REGION --admin-user ADMIN --version 16

Quick Reference

| Property | Value |
| --- | --- |
| CLI prefix | az postgres flexible-server |
| MCP tools | azure__postgres |
| Best for | Relational data, PostgreSQL compatibility, PostGIS |
| Engine versions | PostgreSQL 11, 12, 13, 14, 15, 16 (recommended) |

Working with Existing PostgreSQL Servers

This skill primarily focuses on configuring authentication for existing PostgreSQL servers. If you need to reference or create servers, use MCP tools or CLI commands, and provide Azure Portal links for easy access.

Portal Link Format:

https://portal.azure.com/#@{tenant-domain}/resource/subscriptions/{subscription-id}/resourceGroups/{resource-group}/providers/Microsoft.DBforPostgreSQL/flexibleServers/{server-name}/overview

Example portal link:

View in Azure Portal:
https://portal.azure.com/#resource/subscriptions/abc123.../resourceGroups/myrg/providers/Microsoft.DBforPostgreSQL/flexibleServers/myserver/overview

Microsoft Entra ID Authentication (Critical)

⚠️ ALWAYS use passwordless authentication with Entra ID for production workloads.

Complete Setup Guide

→ Microsoft Entra ID Authentication Setup Guide

This guide covers:

  • Enabling Entra ID authentication on PostgreSQL servers
  • Creating PostgreSQL roles mapped to Azure identities
  • Granting database permissions
  • Connecting with access tokens instead of passwords

Quick Setup Patterns

Use these patterns based on your scenario:

| Scenario | Guide Link | Use When |
| --- | --- | --- |
| Developer Access | Pattern 1 | Grant developers access with their Azure identity |
| App Authentication | Pattern 2 | Passwordless access for Azure-hosted apps (Container Apps, App Service, Functions) |
| Team Access | Pattern 3 | Manage permissions via Azure AD groups |
| Connection Issues | Troubleshooting | Diagnose authentication and connection failures |
| Migration | Pattern 5 | Transition from password to Entra ID authentication |

Service Tiers

| Tier | vCores | Memory | Use Case |
| --- | --- | --- | --- |
| Burstable | 1-20 | 0.5-4 GB/vCore | Dev/test, low traffic |
| General Purpose | 2-64 | 4 GB/vCore | Most production workloads |
| Memory Optimized | 2-64 | 8 GB/vCore | High-memory workloads |

Start with Burstable for dev/test, scale up as needed.

Common Issues

| Issue | Cause | Solution |
| --- | --- | --- |
| role does not exist | Role not created in database | Run pgaadauth_create_principal - see guide |
| password authentication failed | Token expired (5-60 min validity) | Get fresh token: az account get-access-token --resource-type oss-rdbms |
| permission denied | Role lacks permissions | Run GRANT statements - see templates |
| Connection timeout | Firewall blocking access | Add firewall rule: az postgres flexible-server firewall-rule create |
| Guest user login fails | Wrong UPN format | Use full UPN with #EXT# tag from Azure AD |
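
Added example (not part of the original skill or of Microsoft's code): a Python triage helper for the "password authentication failed" row, which decodes an access token's claims locally to check expiry and audience before the token is used as the PostgreSQL password. The audience URL, the 60-second margin and the unsigned sample tokens are assumptions constructed for illustration.

```python
import base64
import json
import time

# Assumption: public-cloud resource behind `--resource-type oss-rdbms`.
EXPECTED_AUDIENCE = "https://ossrdbms-aad.database.windows.net"


def decode_claims(token):
    """Return the JWT payload. No signature check: the server does that."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    return claims


def triage_token(token, now=None, min_left=60):
    """List reasons this token would fail as a PostgreSQL password."""
    now = time.time() if now is None else now
    try:
        claims = decode_claims(token)
    except ValueError as exc:  # also covers bad base64 and bad JSON
        return [f"malformed token: {exc}"]
    problems = []
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)):
        problems.append("no exp claim")
    elif exp - now < min_left:
        problems.append(f"expired or expiring: {int(exp - now)}s left")
    aud = str(claims.get("aud", "")).rstrip("/")
    if aud != EXPECTED_AUDIENCE:
        problems.append(f"wrong audience {aud!r}")
    return problems


def make_sample(claims):
    """Constructed, unsigned sample token for offline runs (not a real token)."""
    def b64(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return b64({"alg": "none"}) + "." + b64(claims) + ".sig"


if __name__ == "__main__":
    stale = make_sample({"aud": EXPECTED_AUDIENCE, "exp": 1_700_000_000 - 30})
    print(triage_token(stale, now=1_700_000_000))  # report findings, never the token
```

An empty list means the token is current and issued for the database resource, so a remaining login failure points to one of the other rows (missing role, permissions, firewall).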

SDK Quick References

References

Repository: microsoft/skills, by microsoft
GitHub stars: 1.8K
Installs per week: 0
First seen: Mar 17, 2026