Unable to create Azure Database for Postgres Flexible Server using terraform script due to Internal Server Error.

Question

Unable to create Azure Database for Postgres Flexible Server using terraform script due to Internal Server Error.

Shubham Kumar 25

Hello everyone, I'm unable to create an azurerm_postgresql_flexible_server resource using terrafrom script. I'm getting following error:

user@host:~/infra$ terraform apply tfplan.terraform

azurerm_postgresql_flexible_server.postgressrv: Creating...

azurerm_postgresql_flexible_server.postgressrv: Still creating... [10s elapsed]

azurerm_postgresql_flexible_server.postgressrv: Still creating... [20s elapsed]

azurerm_postgresql_flexible_server.postgressrv: Still creating... [30s elapsed]

azurerm_postgresql_flexible_server.postgressrv: Still creating... [40s elapsed]

azurerm_postgresql_flexible_server.postgressrv: Still creating... [50s elapsed]

azurerm_postgresql_flexible_server.postgressrv: Still creating... [1m0s elapsed]

╷

│ Error: creating Flexible Server (Subscription: "<mysubid>"

│ Resource Group Name: "resgroup-test-postgressrv"

│ Flexible Server Name: "postgres-common-test"): polling after Create: polling failed: the Azure API returned the following error:

│

│ Status: "InternalServerError"

│ Code: ""

│ Message: "An unexpected error occured while processing the request. Tracking ID: '<some_tracking_id>'"

│ Activity Id: ""

│

│ ---

│

│ API Response:

│

│ ----[start]----

│ {"name":"<some_activity_id>","status":"Failed","startTime":"2025-03-07T08:42:00.087Z","error":{"code":"InternalServerError","message":"An unexpected error occured while processing the request. Tracking ID: '<some_tracking_id>'"}}

│ -----[end]-----

│

│ with azurerm_postgresql_flexible_server.postgressrv,

│ on main.tf line 6, in resource "azurerm_postgresql_flexible_server" "postgressrv":

│ 6: resource "azurerm_postgresql_flexible_server" "postgressrv" {

Here's my script:
main.tf

resource "azurerm_resource_group" "resource_group" {
  name     = local.resource_group_name
  location = var.location
}

resource "azurerm_postgresql_flexible_server" "postgressrv" {
  name                          = local.hostname
  resource_group_name           = azurerm_resource_group.resource_group.name
  location                      = azurerm_resource_group.resource_group.location
  version                       = var.pg_version
  administrator_login           = var.username
  administrator_password        = var.password
  zone                          = 3
  storage_mb                    = 32768
  storage_tier                  = "P4"
  sku_name                      = var.sku_name
  backup_retention_days         = 7
  geo_redundant_backup_enabled  = false
  public_network_access_enabled = true
  auto_grow_enabled = true

  authentication {
    password_auth_enabled = true
  }

  tags = {
    env     = var.env
    purpose = "airflow"
  }

  depends_on = [azurerm_resource_group.resource_group]
}

variables.tf

variable "env" {
  default = "test"
}

variable "pg_version" {
  default = "16"
}

variable "location" {
  default = "northeurope"
}

variable "sku_name" {
  default = "B_Standard_B1ms"
}

variable "username" {
  default = "mytestpgadmin"
}

variable "password" {
  default = "H4sh1C0rp!!"
}

providers.tf

terraform {
  required_version = ">=1.0"
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~>3.0"
    }
  }
}

provider "azurerm" {
  features {}
}

I have already tried removing or changing the zone from 3 to 2 or even 1. I've used Azure Portal to create the same resource, and I was able to create it with same configuration using Azure Portal. What am I doing wrong here, I've prepared this script by following the examples, given at https://registry.terraform.io/providers/tfproviders/azurerm/latest/docs/resources/postgresql_flexible_server
and
https://learn.microsoft.com/en-us/azure/developer/terraform/deploy-postgresql-flexible-server-database?tabs=azure-cli

Vijayalaxmi Kattimani 3,250 Reputation points Microsoft External Staff Moderator

2025-03-07T11:24:17.48+00:00
Hi Shubham Kumar (iDEAS-Group),

Welcome to the Microsoft Q&A Platform! Thank you for asking your question here.

As we understand, you are encountering an internal server error while creating the azurerm_postgresql_flexible_server resource using Terraform. especially when the same configuration works fine through the Azure Portal.

We would like to inform you that, please ensure that your network configuration allows traffic to your flexible server. Sometimes, the flexible server might be blocking network traffic from your pipelines. You might need to add azurerm_postgresql_flexible_server_firewall_rule to allow traffic to your flexible server. Please refer to this document https://github.com/hashicorp/terraform-provider-azurerm/issues/17691

Double-check your Terraform script for any potential misconfigurations. Ensure that all required parameters are correctly set.

Here is an example of a Terraform script for creating a PostgreSQL flexible server:

resource "azurerm_postgresql_flexible_server" "example" { name = "example-flexible-server" location = azurerm_resource_group.example.location resource_group_name = azurerm_resource_group.example.name administrator_login = "adminuser" administrator_password = "P@ssw0rd1234!" sku_name = "GP_Standard_D4ds_v4" storage_mb = 32768 version = "13" backup_retention_days = 7 geo_redundant_backup_enabled = false high_availability { mode = "ZoneRedundant" } }

I hope this information helps.

If the issue still persists, please let us know here. We will respond with more details and try to help you.
Adithya Prasad K 1,375 Reputation points Microsoft External Staff Moderator

2025-03-10T03:35:39.1333333+00:00

Hi Shubham Kumar (iDEAS-Group),
We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet. In case if you have any resolution please do share that same with the community as it can be helpful to others. Otherwise, will respond with more details and we will try to help.

Shubham Kumar 25

Hi @Vijayalaxmi Kattimani , @Adithya Prasad K

Thank you for your responses. After your response I took the script that is provided in the Microsoft Learn portal tutorial:

provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "northeurope"
}

resource "azurerm_postgresql_flexible_server" "example" {
  name                = "example-psqlflexibleserver"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  version             = "12"
  public_network_access_enabled = true
  administrator_login           = "psqladmin"
  administrator_password        = "H@Sh1CoR3!"
  zone                          = "1"

  storage_mb   = 32768
  storage_tier = "P4"

  sku_name = "B_Standard_B1ms"
}

resource "azurerm_postgresql_flexible_server_firewall_rule" "firewall_rule" {
  name             = "AllowAll"
  server_id        = azurerm_postgresql_flexible_server.example.id
  start_ip_address = "0.0.0.0"
  end_ip_address   = "255.255.255.255"

  depends_on = [azurerm_postgresql_flexible_server.example]
}

This is the most simplest version it can be. Also, as Vijaya said, I added a firewall rule (I don't think that is anyway helpful, since it depends on the creation of the flexible server which itself is failing in the first place). Still I'm getting the same error.

Vijayalaxmi Kattimani 3,250 Reputation points Microsoft External Staff Moderator

2025-03-11T17:44:29.1+00:00

Hi @Shubham Kumar (iDEAS-Group),

Could you please confirm if you are trying to deploy using private endpoint?
Shubham Kumar 25 Reputation points

2025-03-12T05:05:19.9433333+00:00

No @Vijayalaxmi Kattimani
PratikLad 1,825 Reputation points Microsoft External Staff Moderator

2025-03-12T10:18:37.3133333+00:00
Hi @Shubham Kumar (iDEAS-Group),

run this command and share the SKU availability in the specific region where you try to provision the SKU:

az postgres flexible-server list-skus --location northeurope --output table

Is the name unique for the server that is trying to provision?

Shubham Kumar 25

here's the output:

SKU                Tier             VCore    Memory    Max Disk IOPS
-----------------  ---------------  -------  --------  ---------------
Standard_B1ms      Burstable        1        2 GiB     640
Standard_B2s       Burstable        2        4 GiB     1280
Standard_B2ms      Burstable        2        8 GiB     1920
Standard_B4ms      Burstable        4        16 GiB    2880
Standard_B8ms      Burstable        8        32 GiB    4320
Standard_B12ms     Burstable        12       48 GiB    4320
Standard_B16ms     Burstable        16       64 GiB    4320
Standard_B20ms     Burstable        20       80 GiB    4320
Standard_D2s_v3    GeneralPurpose   2        8 GiB     3200
Standard_D4s_v3    GeneralPurpose   4        16 GiB    6400
Standard_D8s_v3    GeneralPurpose   8        32 GiB    12800
Standard_D16s_v3   GeneralPurpose   16       64 GiB    25600
Standard_D32s_v3   GeneralPurpose   32       128 GiB   51200
Standard_D48s_v3   GeneralPurpose   48       192 GiB   76800
Standard_D64s_v3   GeneralPurpose   64       256 GiB   80000
Standard_D2ds_v4   GeneralPurpose   2        8 GiB     3200
Standard_D4ds_v4   GeneralPurpose   4        16 GiB    6400
Standard_D8ds_v4   GeneralPurpose   8        32 GiB    12800
Standard_D16ds_v4  GeneralPurpose   16       64 GiB    25600
Standard_D32ds_v4  GeneralPurpose   32       128 GiB   51200
Standard_D48ds_v4  GeneralPurpose   48       192 GiB   76800
Standard_D64ds_v4  GeneralPurpose   64       256 GiB   80000
Standard_D2ds_v5   GeneralPurpose   2        8 GiB     3750
Standard_D4ds_v5   GeneralPurpose   4        16 GiB    6400
Standard_D8ds_v5   GeneralPurpose   8        32 GiB    12800
Standard_D16ds_v5  GeneralPurpose   16       64 GiB    25600
Standard_D32ds_v5  GeneralPurpose   32       128 GiB   51200
Standard_D48ds_v5  GeneralPurpose   48       192 GiB   76800
Standard_D64ds_v5  GeneralPurpose   64       256 GiB   80000
Standard_D96ds_v5  GeneralPurpose   96       384 GiB   80000
Standard_E2s_v3    MemoryOptimized  2        16 GiB    3200
Standard_E4s_v3    MemoryOptimized  4        32 GiB    6400
Standard_E8s_v3    MemoryOptimized  8        64 GiB    12800
Standard_E16s_v3   MemoryOptimized  16       128 GiB   25600
Standard_E32s_v3   MemoryOptimized  32       256 GiB   32000
Standard_E48s_v3   MemoryOptimized  48       384 GiB   51200
Standard_E64s_v3   MemoryOptimized  64       432 GiB   76800
Standard_E2ds_v4   MemoryOptimized  2        16 GiB    3200
Standard_E4ds_v4   MemoryOptimized  4        32 GiB    6400
Standard_E8ds_v4   MemoryOptimized  8        64 GiB    12800
Standard_E16ds_v4  MemoryOptimized  16       128 GiB   25600
Standard_E20ds_v4  MemoryOptimized  20       160 GiB   32000
Standard_E32ds_v4  MemoryOptimized  32       256 GiB   51200
Standard_E48ds_v4  MemoryOptimized  48       384 GiB   76800
Standard_E64ds_v4  MemoryOptimized  64       432 GiB   80000
Standard_E2ds_v5   MemoryOptimized  2        16 GiB    3750
Standard_E4ds_v5   MemoryOptimized  4        32 GiB    6400
Standard_E8ds_v5   MemoryOptimized  8        64 GiB    12800
Standard_E16ds_v5  MemoryOptimized  16       128 GiB   25600
Standard_E20ds_v5  MemoryOptimized  20       160 GiB   32000
Standard_E32ds_v5  MemoryOptimized  32       256 GiB   51200
Standard_E48ds_v5  MemoryOptimized  48       384 GiB   76800
Standard_E64ds_v5  MemoryOptimized  64       512 GiB   80000
Standard_E96ds_v5  MemoryOptimized  96       672 GiB   80000

I just tried to run the example script and I got server name is unavailable in response (which was "internal server error" earlier). I tried to run the example and it worked with the name "example-psqlflexibleserver-shubham". But now when I try to create my original server which I've mentioned in the terraform script in the question at the top, I'm getting the same Internal Server Error message. And I also verified that the name which I'm using in the top script is unique.

Shubham Kumar 25 Reputation points

2025-03-12T10:29:44.4866667+00:00

I also got a Service Health alert today, which is resolved now:
Shubham Kumar 25 Reputation points

2025-03-12T12:00:11.8566667+00:00
I tried creating the same server from Azure Portal and I got following error for the ARM deployment:

"message": "The resource write operation failed to complete successfully, because it reached terminal provisioning state 'Failed'."

The name which I'm using is "postgres-common-test".

Accepted answer

1 additional answer

Your answer

Vijayalaxmi Kattimani 3,250 Reputation points Microsoft External Staff Moderator

2025-03-07T11:24:17.48+00:00

Hi Shubham Kumar (iDEAS-Group),

Welcome to the Microsoft Q&A Platform! Thank you for asking your question here.

As we understand, you are encountering an internal server error while creating the azurerm_postgresql_flexible_server resource using Terraform. especially when the same configuration works fine through the Azure Portal.

We would like to inform you that, please ensure that your network configuration allows traffic to your flexible server. Sometimes, the flexible server might be blocking network traffic from your pipelines. You might need to add azurerm_postgresql_flexible_server_firewall_rule to allow traffic to your flexible server. Please refer to this document https://github.com/hashicorp/terraform-provider-azurerm/issues/17691

Double-check your Terraform script for any potential misconfigurations. Ensure that all required parameters are correctly set.

Here is an example of a Terraform script for creating a PostgreSQL flexible server:

resource "azurerm_postgresql_flexible_server" "example" { name = "example-flexible-server" location = azurerm_resource_group.example.location resource_group_name = azurerm_resource_group.example.name administrator_login = "adminuser" administrator_password = "P@ssw0rd1234!" sku_name = "GP_Standard_D4ds_v4" storage_mb = 32768 version = "13" backup_retention_days = 7 geo_redundant_backup_enabled = false high_availability { mode = "ZoneRedundant" } }

I hope this information helps.

If the issue still persists, please let us know here. We will respond with more details and try to help you.
Adithya Prasad K 1,375 Reputation points Microsoft External Staff Moderator

2025-03-10T03:35:39.1333333+00:00

Hi Shubham Kumar (iDEAS-Group),
We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet. In case if you have any resolution please do share that same with the community as it can be helpful to others. Otherwise, will respond with more details and we will try to help.
Shubham Kumar 25 Reputation points

2025-03-10T08:46:37.36+00:00

Hi @Vijayalaxmi Kattimani , @Adithya Prasad K

Thank you for your responses. After your response I took the script that is provided in the Microsoft Learn portal tutorial:

provider "azurerm" { features {} } resource "azurerm_resource_group" "example" { name = "example-resources" location = "northeurope" } resource "azurerm_postgresql_flexible_server" "example" { name = "example-psqlflexibleserver" resource_group_name = azurerm_resource_group.example.name location = azurerm_resource_group.example.location version = "12" public_network_access_enabled = true administrator_login = "psqladmin" administrator_password = "H@Sh1CoR3!" zone = "1" storage_mb = 32768 storage_tier = "P4" sku_name = "B_Standard_B1ms" } resource "azurerm_postgresql_flexible_server_firewall_rule" "firewall_rule" { name = "AllowAll" server_id = azurerm_postgresql_flexible_server.example.id start_ip_address = "0.0.0.0" end_ip_address = "255.255.255.255" depends_on = [azurerm_postgresql_flexible_server.example] }

This is the most simplest version it can be. Also, as Vijaya said, I added a firewall rule (I don't think that is anyway helpful, since it depends on the creation of the flexible server which itself is failing in the first place). Still I'm getting the same error.
Vijayalaxmi Kattimani 3,250 Reputation points Microsoft External Staff Moderator

2025-03-11T17:44:29.1+00:00

Hi @Shubham Kumar (iDEAS-Group),

Could you please confirm if you are trying to deploy using private endpoint?
Shubham Kumar 25 Reputation points

2025-03-12T05:05:19.9433333+00:00

No @Vijayalaxmi Kattimani
PratikLad 1,825 Reputation points Microsoft External Staff Moderator

2025-03-12T10:18:37.3133333+00:00

Hi @Shubham Kumar (iDEAS-Group),

run this command and share the SKU availability in the specific region where you try to provision the SKU:

az postgres flexible-server list-skus --location northeurope --output table

Is the name unique for the server that is trying to provision?
Shubham Kumar 25 Reputation points

2025-03-12T10:29:44.4866667+00:00

I also got a Service Health alert today, which is resolved now:
Shubham Kumar 25 Reputation points

2025-03-12T12:00:11.8566667+00:00

I tried creating the same server from Azure Portal and I got following error for the ARM deployment:

"message": "The resource write operation failed to complete successfully, because it reached terminal provisioning state 'Failed'."

The name which I'm using is "postgres-common-test".

Answer 1

Oury Ba-MSFT 20,911 Microsoft Employee Moderator

Shubham Kumar (iDEAS-Group)

Thank you for reaching out.

I am sorry to hear about the issue you are facing.

There's a known issue where when a non-unique name is created in a different resource group, subscription or tenant, than the already existing one, the deployment fails with an Internal Server Error. Our team is actively working on it. As a workaround we would suggest choosing a different until this is completely fixed.

Regards,

Oury

Oury Ba-MSFT 20,911 Reputation points Microsoft Employee Moderator

2025-03-21T16:26:13.3066667+00:00

Shubham Kumar (iDEAS-Group)

Please do mark answer as accepted so it will be visible and helpful for other community members with the same issue.

Regards,

Oury
Shubham Kumar 25 Reputation points

2025-03-21T17:22:17.41+00:00

Oops! By mistake I posted comment for your answer under @PratikLad 's answer. Anyways, I'll accept your answer here. Thank you all @PratikLad @Vijayalakshmi Kattimani @Adithya Prasad K @Oury Ba-MSFT for your contributions here.

Answer 2

As we discussed in comment you are able to deploy the Azure Database for Postgres Flexible Server when you change the name.

I tried to run the example and it worked with the name "example-psqlflexibleserver-shubham"

The error you are encountering is due to a previously created resource with the same name that was deleted. When you attempt to create a new resource with the same name, the cached data from the earlier resource is causing the issue.

The name which you are using is postgres-common-test is most common name.

To resolve this you can use, the resource random_string that generates a random permutation of alphanumeric characters and optionally special characters as below example:


resource "random_string" "server_name_suffix" {

length = 6

special = false

upper = false

numeric = true

}

My terraform code:

    terraform {
  required_version = ">=1.0"
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~>3.0"
    }
  }
}

provider "azurerm" {
  features {}
}

variable "env" {
  default = "test"
}

variable "location" {
  default = "northeurope"
}

variable "pg_version" {
  default = "16"
}

variable "sku_name" {
  default = "B_Standard_B1ms"
}

variable "admin_username" {
  default = "pgadmin"
}

variable "admin_password" {
  default = "H4sh1C0rp!!"
}

variable "allowed_ip_range" {
  default = ""
}

resource "azurerm_resource_group" "rg" {
  name     = "rg-${var.env}-postgres"
  location = var.location
}

resource "random_string" "server_name_suffix" {
  length  = 6
  special = false
  upper   = false
  numeric = true
}

resource "azurerm_postgresql_flexible_server" "postgres" {
  name                          = "psqlflexible-${random_string.server_name_suffix.result}"
  resource_group_name           = azurerm_resource_group.rg.name
  location                      = azurerm_resource_group.rg.location
  version                       = var.pg_version
  administrator_login           = var.admin_username
  administrator_password        = var.admin_password
  storage_mb                    = 32768
  storage_tier                  = "P4"
  sku_name                      = var.sku_name
  geo_redundant_backup_enabled  = false
  public_network_access_enabled = true
  auto_grow_enabled             = true
  zone                   = "1"

  authentication {
    password_auth_enabled = true
  }
  tags = {
    environment = var.env
  }
}

resource "azurerm_postgresql_flexible_server_database" "database" {
  name      = "mytestdb"
  server_id = azurerm_postgresql_flexible_server.postgres.id
  collation = "en_US.utf8"
  charset   = "UTF8"
}
 
resource "azurerm_postgresql_flexible_server_firewall_rule" "allow_range" {
  name      = "allow-ip-range"
  server_id = azurerm_postgresql_flexible_server.postgres.id
  start_ip_address = var.allowed_ip_range
  end_ip_address   = "your IP" 
}

Here is the above terraform code deployed the resource with the name where it contains random characters. enter image description here

Updated:

The Azure Database for Postgres Flexible Server name you are trying to use should be globally unique across Azure. Azure Database for Postgres Flexible Server names must be unique not only within your subscription but also across all Azure tenants.

So even if the previous Azure Database for Postgres Flexible server was deleted in tenant #1, it might still be reserved across Azure.

You can also try the following steps and see if that helps.

Clear “Cookies and Cached data” of your browser.
Private Mode (New InPrivate Window).
Try in different browser.

Shubham Kumar 25 Reputation points

2025-03-14T07:39:47.5766667+00:00

Hi @PratikLad
I can't use random string. Also, can you direct me to some documentation where it's mentioned that resource names are cached and it is possible that even if the Azure Portal shows that the name is available, a user may or may not be able to use it while creating the resource?

Lastly, the command you provided here to check for the name availability is not working. I'm using az-cli 2.69.0.
PratikLad 1,825 Reputation points Microsoft External Staff Moderator

2025-03-17T04:10:39.05+00:00

Hi Shubham Kumar (iDEAS-Group),

I have updated my answer please check updated section of answer if it helps you.
PratikLad 1,825 Reputation points Microsoft External Staff Moderator

2025-03-19T03:32:44.54+00:00

Hi Shubham Kumar (iDEAS-Group), We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet. In case if you have any resolution please do share that same with the community as it can be helpful to others. Otherwise, will respond with more details and we will try to help.
Shubham Kumar 25 Reputation points

2025-03-19T05:10:30.6766667+00:00

Hi @PratikLad , I also tried creating the server with the name "postgres-common-test" (which is showing available in the browser) by clearing browser cache and in a different browser. It's not the issue with the cache (client-side). I got your point that the name should be unique across Azure, and I believe the Azure portal will show a name "available" only when it's unique and available across Azure. Right? Then my issue is still the same and not resolved yet. Correct?
Shubham Kumar 25 Reputation points

2025-03-21T03:21:16.1533333+00:00

Hi @Oury Ba-MSFT
I'm glad that you are already aware of it and working on it. I'm glad that you acknowledged it instead of calling it a client-side issue.

I've already used a different name to continue my work. But I just wanted to make sure when I close this thread it should be meaningful to someone else. That's why there's one last query:
If it's a known issue on the server side, shouldn't we call the behavior of Azure Portal showing a name available when it's not an UI issue?
Oury Ba-MSFT 20,911 Reputation points Microsoft Employee Moderator

2025-03-21T16:25:01.2266667+00:00

Shubham Kumar (iDEAS-Group) Thank you for getting back.

I absolutely agree with you on that "calling the behavior of Azure Portal showing a name available" I have reported to the product group. Thank you for this valuable feedback and trying to make this meaningful for other community members with the same issue. I am currently working with the team to make this internal server error more meaningful.

We will update the thread once I got an update from the team.

Appreciate your understanding and feedback.

Regards,

Oury

Share via

Unable to create Azure Database for Postgres Flexible Server using terraform script due to Internal Server Error.

1 additional answer

Your answer