Azure Database for PostgreSQL – Reference

Overview

Azure Database for PostgreSQL is a fully managed relational database service built on the open‑source PostgreSQL engine. It offers high‑availability, built‑in security, scaling on demand, and deep integration with Azure services.

Getting Started

  1. Log in to the Azure portal.
  2. Create a new Azure Database for PostgreSQL server from the marketplace.
  3. Configure server version, compute tier, and storage.
  4. Set up firewall rules to allow your client IP.
  5. Connect using your preferred client (psql, PgAdmin, etc.).

Example using psql:

psql "host=myserver.postgres.database.azure.com port=5432 dbname=mydb user=myadmin@myserver password=MyP@ssw0rd sslmode=require"

Connection Strings

Below are common connection string formats for different languages.

ADO.NET

Server=myserver.postgres.database.azure.com;Port=5432;Database=mydb;User Id=myadmin@myserver;Password=MyP@ssw0rd;Ssl Mode=Require;

JDBC

jdbc:postgresql://myserver.postgres.database.azure.com:5432/mydb?user=myadmin@myserver&password=MyP@ssw0rd&sslmode=require

Node.js (pg)

const { Client } = require('pg');
const client = new Client({
  host: 'myserver.postgres.database.azure.com',
  port: 5432,
  database: 'mydb',
  user: 'myadmin@myserver',
  password: 'MyP@ssw0rd',
  ssl: { rejectUnauthorized: true }
});
client.connect();

Scaling & Performance

Azure PostgreSQL supports vertical scaling (compute tier) and horizontal scaling (read replicas). Use the Azure portal or CLI to adjust resources without downtime.

Vertical Scaling

az postgres flexible-server update \
    --resource-group myRG \
    --name myserver \
    --sku-name Standard_D4s_v3

Read Replicas

az postgres flexible-server replica create \
    --resource-group myRG \
    --name myreplica \
    --source-server myserver \
    --location eastus2

Monitoring & Alerts

Azure Monitor provides metrics such as CPU usage, storage, connections, and query performance. Set up alerts via the portal or CLI.

Sample Alert Rule (CPU > 80%)

az monitor metrics alert create \
  --name HighCPUAlert \
  --resource-group myRG \
  --scopes /subscriptions/{subId}/resourceGroups/myRG/providers/Microsoft.DBforPostgreSQL/flexibleServers/myserver \
  --condition "max PostgreSQL_CPU > 80" \
  --description "CPU usage above 80%" \
  --action-group myActionGroup

Security & Compliance

  • Data encrypted at rest with Azure‑managed keys (or customer‑managed keys).
  • Transport encryption enforced (SSL/TLS).
  • Integration with Azure AD for authentication.
  • Network isolation using Virtual Networks and Private Endpoints.

Enable Azure AD Authentication

az postgres flexible-server aad-admin create \
  --resource-group myRG \
  --server-name myserver \
  --object-id 00000000-0000-0000-0000-000000000000 \
  --principal-name myadmin@example.com

FAQ

Can I use extensions?
Yes. Popular extensions such as postgis, pgcrypto, and citus are supported. Enable via the portal or CLI.
What is the backup retention period?
Point‑in‑time restore is available for up to 35 days (configurable).
Is there a free tier?
Azure offers a Basic tier with limited compute and storage suitable for development.