No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

That explanation would make sense - it’s possible azure reports the firewall rules as created before they have fully propagated. That would be unfortunate as it would make any infrastructure automation against those resources less reliable - so maybe an issue to report to Azure. 

That said - one workaround in Pulumi would be to do some custom work to “delay” until ready in between the DB creation and the Postgres provider connection. Something along the lines of <https://gist.github.com/lukehoban/fd0355ed5b82386bd89c0ffe2a3c916a#file-waitforjob-ts-L20|https://gist.github.com/lukehoban/fd0355ed5b82386bd89c0ffe2a3c916a#file-waitforjob-ts-L20> might work. 