Problem
A recent change to the Azure Database for PostgreSQL feature-set now enforces the ability to “allow-list” any desired PostgreSQL extensions for their PostgreSQL Flexible Server. The desired extensions must be selected before they can be installed and/or used within a database. More information about this can be found in the Azure documentation.
This issue can be confirmed by checking the logs of the ptfe_migrations or tfe-migrations(for TFE v202205-1 or above) container. A positive acknowledgment of the issue will appear as the following log:
PG::FeatureNotSupported: ERROR: extension "hstore" is not allow-listed for "azure_pg_admin" users in Azure Database for PostgreSQL
Prerequisites
- Azure Database for PostgreSQL Flexible Server
- Terraform Enterprise in External Services mode
NOTE: For Terraform Enterprise v202205-1 or later the container prefix has changed from ptfe_ to tfe-, for example ptfe_migrations in v202205-1 and above would show as tfe-migrations.
Solutions
If the Azure Database for PostgreSQL server is managed with Terraform, this resource must enable the appropriate "allow-list" entries for Terraform Enterprise:
resource "azurerm_postgresql_flexible_server_configuration" "tfe" {
name = "azure.extensions"
server_id = azurerm_postgresql_flexible_server.tfe.id
value = "CITEXT,HSTORE,UUID-OSSP"
}
If a manual process is in use, simply ensure that the CITEXT, HSTORE, and UUID-OSSP extensions are checked under theazure.extensions server parameters. See the following screenshot for context:
Outcome
After allowing the appropriate extensions in Azure, restart the Terraform Enterprise application and it should start up as expected. As always, if additional help is required, please reach out to HashiCorp Support.
Additional Information
- https://docs.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-extensions