Create roles with Azure managed identities in Azure PostgreSQL Flexible Servers

[Teabeats]

This is an Azure (PostgreSQL Flexible Server) specific addition to the role resource which allows to create roles and "assign" to them an Azure managed identity.

More details can be found here: https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/how-to-manage-azure-ad-users

Note: there are some additional features available like setting an admin or MFA flag which can be added easily if there is demand, but are left out to keep this PR and the list of options clean for now.

[0xMH]

Is this related to #385?

[Teabeats]

Is this related to #385?

No that issues is only related to using a service principle with the provider, this functionality allows to create new identity based logins/roles similar to azurerm_postgresql_flexible_server_active_directory_administrator, but for non-admins (eg workloads). It does required the provider to be used with an actual "flexible server active directory" administrator.

[Teabeats]

@cyrilgdn what is needed to pass the expected tests?

[scrocquesel]

I guess this is already covered in a more generic way with #365

[Teabeats]

I guess this is already covered in a more generic way with #365

Agree and thanks for mentioning, that is a much better solution. My PR started out using the first option in de ms docs using select * from pgaadauth_create_principal_with_oid and later changed to directly setting the security label. #365 has been open since oktober, wonder why?

Closing this PR in favour of #365 !