I have a question regarding the deletion sequence with an Azure PostgreSQL Flexible Server with the AD auth mechanism and AD admins enabled.
Once the ‘active_directory_auth_enabled’ feature in the ‘azurerm_postgresql_flexible_server’ is enabled and AD admins are set up with the ‘azurerm_postgresql_flexible_server_active_directory_administrator’ block, it is not possible to delete them afterwards; there should always remain at least one admin (user, managed identity or service principal).
This is an issue when I want to delete the database, because the dependencies fail to be fully deleted before it, thus stopping the deletion process.
I also tried to disable the AD auth and enable the local account, but then the plan failed to retrieve the ‘azurerm_postgresql_flexible_server_active_directory_administrator’ blocks with the following error:
Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="" Message="Azure AD authentication is not enabled for the given server <server_name> in resource group <resource_group_name> in subscription <sub_ID>"
The only quick fix I’ve found is to remove the whole database + admins module from the state and delete them manually through the Azure portal…
Has anyone faced this situation?
Any advice would be appreciated!