![]() ![]() Create a database and roles on the server and lock down access.Enable Azure AD authentication by configuring the Azure AD settings on the PostgreSQL servers.With this cakewalk out of the way we are going to work through the following high level steps. The groups intended purposes should be obvious from there names □ I assume you've already created a PostgreSQL single server and three Azure AD groups called psql-administrators, psql-demodb-readonly and psql-demodb-readwrite. The diagram bellow depicts the high-level architecture we are going to build. I have tested and adapted it to Azure AD environment. This article is based on a blog post by Yaser Raja, which can be found here. ![]() This is an often required use-case in corporate environments, that enforces a least privilege model. More specifically we are going to walk through the steps required to give members of one Azure AD group read-only permissions and members of another group read-write permissions to a single database. In this blog post I am going to demonstrate how we can mange database permissions with Azure AD groups. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |