Do I need to create firewall rules? Does anyone ha...
# azure
Do I need to create firewall rules? Does anyone have an example of creating a PGSQL on Azure?
@enough-kite-69616 you have two options:
1. you create `azure.postgresql.FirewallRule`, which allows for full external access, e.g. from your home
2. you create `azure.postgresql.VirtualNetworkRule`, which allows for machines on a subnet within your virtual network to access the database server.

The example below shows the two cases:
```typescript
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

// dbAdministrator and dataResourceGroup are defined elsewhere in the program.
const config = new pulumi.Config();

// NOTE: don't use the Basic SKUs. Basic SKUs do not support the virtual network rules defined lower
// <https://docs.microsoft.com/en-us/azure/postgresql/concepts-limits#vnet-service-endpoints>
const databaseServer = new azure.postgresql.Server("test-dbs", {
    administratorLogin: dbAdministrator.user,
    administratorLoginPassword: dbAdministrator.password,
    location: dataResourceGroup.location,
    resourceGroupName: dataResourceGroup.name,
    skuName: "GP_Gen5_2",
    sslEnforcement: "Enabled",
    storageProfile: {
        autoGrow: "Enabled",
        backupRetentionDays: 7,
        geoRedundantBackup: "Disabled",
        storageMb: 5120,
    },
    version: "10",
});

// This resource is not really a firewall rule
// It manages the pg_hba.conf file describing from where connections are allowed to the PostgreSQL server.
// Notice: Firewall rule name limited to 16 characters (24 including random suffix added by Pulumi).
const databaseServerFirewallRuleOfficeGuest = new azure.postgresql.FirewallRule("officegst", {
    resourceGroupName: dataResourceGroup.name,
    serverName: databaseServer.name,
    endIpAddress: "<your-office-ip-here>",
    startIpAddress: "<your-office-ip-here>",
});

const subnetId = config.require("dbUsersSubnetId");
const databaseUsersNetworkRule = new azure.postgresql.VirtualNetworkRule("dbusersallowed", {
    resourceGroupName: dataResourceGroup.name,
    serverName: databaseServer.name,
    subnetId: subnetId,
});
```
And to connect to that server, see my comment in the GH issue you posted earlier: https://github.com/terraform-providers/terraform-provider-postgresql/issues/47#issuecomment-593326014
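Here is how I create the psql provider in my code which allows to create databases afterwards:
```typescript
import * as pulumi from "@pulumi/pulumi";
import * as postgresql from "@pulumi/postgresql";

// dbAdminUser, dbAdminPassword and dbHost are defined elsewhere in the program.
const databaseProvider = new postgresql.Provider('adminconnection', {
    username: pulumi.interpolate`${dbAdminUser}@${dbHost}`,
    password: dbAdminPassword,
    databaseUsername: dbAdminUser,
    superuser: false,
    host: dbHost,
    port: 5432
});
```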
Note the separate `username` and `databaseUsername` fields.
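
Added example, not part of the original thread or of Pulumi's code: a pre-deployment check over the `startIpAddress`/`endIpAddress` pairs intended for `azure.postgresql.FirewallRule`, flagging ranges that open the server to far more than one office address. The `RuleRange` type, `auditRules`, the 256-address threshold and the sample rules are assumptions constructed for illustration.

```typescript
// Added example: audit IP ranges before creating azure.postgresql.FirewallRule resources.
// RuleRange, auditRules and maxAddresses are hypothetical names; sample data is constructed.
interface RuleRange { name: string; startIpAddress: string; endIpAddress: string; }
interface Finding { name: string; issue: string; }

// Convert a dotted-quad IPv4 string to an unsigned 32-bit integer; throw on malformed input.
function ipv4ToInt(ip: string): number {
    const parts = ip.split(".");
    if (parts.length !== 4) throw new Error(`not an IPv4 address: ${ip}`);
    let value = 0;
    for (const part of parts) {
        const octet = /^\d{1,3}$/.test(part) ? Number(part) : 256;
        if (octet > 255) throw new Error(`not an IPv4 address: ${ip}`);
        value = value * 256 + octet; // multiplication avoids signed 32-bit shift overflow
    }
    return value;
}

// Return one finding per rule that is inverted, is the Azure-services rule, or is too wide.
function auditRules(rules: RuleRange[], maxAddresses: number = 256): Finding[] {
    const findings: Finding[] = [];
    for (const rule of rules) {
        const start = ipv4ToInt(rule.startIpAddress);
        const end = ipv4ToInt(rule.endIpAddress);
        const size = end - start + 1;
        if (size < 1) {
            findings.push({ name: rule.name, issue: "endIpAddress is below startIpAddress" });
        } else if (start === 0 && end === 0) {
            // Azure treats the 0.0.0.0-0.0.0.0 rule as "allow access to Azure services".
            findings.push({ name: rule.name, issue: "admits all Azure services, not one host" });
        } else if (size > maxAddresses) {
            findings.push({ name: rule.name, issue: `range spans ${size} addresses` });
        }
    }
    return findings;
}

// Constructed sample rules using documentation address ranges.
const sampleRules: RuleRange[] = [
    { name: "officegst", startIpAddress: "203.0.113.10", endIpAddress: "203.0.113.10" },
    { name: "azuresvc", startIpAddress: "0.0.0.0", endIpAddress: "0.0.0.0" },
    { name: "everyone", startIpAddress: "0.0.0.0", endIpAddress: "255.255.255.255" },
    { name: "swapped", startIpAddress: "198.51.100.20", endIpAddress: "198.51.100.10" },
];
const sampleFindings: Finding[] = auditRules(sampleRules);
```

Running the check in the Pulumi program before the `FirewallRule` resources are declared lets a too-wide range fail the deployment instead of reaching the server.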