
Above is my network architecture. I'm connecting to an Azure Postgres Database (Version 11) from an AKS pod through a private endpoint and facing the below error.

sqlalchemy.exc.OperationalError: (psycopg2.OperationalError) connection to server at "mypsg11privendpoint.com" (172.21.56.70), port 5432 failed: FATAL: Client from Azure Virtual Networks is not allowed to access the server using Private IP. Please make sure your Virtual Network is correctly configured.

Now the more surprising part is that the same pod is able to connect to a Postgres server (Version 9.6) through a private endpoint. The NICs for both private endpoints reside in the same subnet and have the same NSG.

Below are some of the factors I've already checked and implemented.

  1. AKS pod Subnet has Service-Endpoint Microsoft.sql enabled.
  2. Postgres Server has VNET rule referring to the AKS subnet.
  3. Deny Public network Access set to "No" (Even though I'm using private endpoint I still set this to "no" for now)

Still, I'm facing the same error when connecting to the version 11 DB. The only difference between the two DBs is their version. Have I missed any other additional setting here? Does version 11 have any other additional firewall inside the DB?

vishal
    You can refer to this: https://stackoverflow.com/questions/50715724/cant-connect-from-azure-resource-to-azure-database-for-postgres-server. This might help you to solve your issue. – Madhuraj Vadde Mar 30 '22 at 09:51

1 Answer

You can try any of these:

  1. Try adding a VNet rule under "Connection security" -> "VNET Rules".
  2. Try switching "Allow access to Azure services" to ON.
  3. Try adding a missing VNet rule to the PostgreSQL server instance and reference the service endpoint-enabled subnet. It can be done via the Portal or Azure CLI.

Reference: Can't connect from azure resource to Azure database for postgres server

Madhuraj Vadde
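
The two settings that item 3 of the answer depends on (the Microsoft.Sql service endpoint on the subnet and a VNet rule on the server that references that subnet) can be verified from the Azure CLI. This is an added example, not part of the original answer; the function name `check_vnet_access` and its arguments are hypothetical, and it assumes a logged-in `az` session, a single-server PostgreSQL instance, and a VNet in the same resource group as the server.

```shell
#!/usr/bin/env bash
# Added example (not from the original answer). Assumes a logged-in Azure CLI
# and an Azure Database for PostgreSQL single server. All names are arguments.

lower() { tr '[:upper:]' '[:lower:]'; }

# check_vnet_access <resource-group> <pg-server> <vnet> <subnet>
# Returns 0 only if the subnet has the Microsoft.Sql service endpoint AND the
# server has a VNet rule referencing that subnet; 1 if either is missing;
# 2 if the subnet itself cannot be found.
check_vnet_access() {
  rg=$1; server=$2; vnet=$3; subnet=$4; rc=0

  # Resource IDs and service names are compared case-insensitively.
  subnet_id=$(az network vnet subnet show --resource-group "$rg" \
      --vnet-name "$vnet" --name "$subnet" --query id -o tsv | lower)
  if [ -z "$subnet_id" ]; then
    echo "ERROR: subnet $vnet/$subnet not found in $rg"
    return 2
  fi

  endpoints=$(az network vnet subnet show --resource-group "$rg" \
      --vnet-name "$vnet" --name "$subnet" \
      --query "serviceEndpoints[].service" -o tsv | lower)
  if printf '%s\n' "$endpoints" | grep -qxF 'microsoft.sql'; then
    echo "OK: Microsoft.Sql service endpoint is enabled on $subnet"
  else
    echo "MISSING: Microsoft.Sql service endpoint on $subnet"
    rc=1
  fi

  rules=$(az postgres server vnet-rule list --resource-group "$rg" \
      --server-name "$server" --query "[].virtualNetworkSubnetId" -o tsv | lower)
  if printf '%s\n' "$rules" | grep -qxF "$subnet_id"; then
    echo "OK: $server has a VNet rule for $subnet"
  else
    echo "MISSING: no VNet rule on $server references $subnet"
    rc=1
  fi
  return "$rc"
}

# Run directly: ./check.sh <resource-group> <pg-server> <vnet> <subnet>
if [ "$#" -eq 4 ]; then check_vnet_access "$@"; fi
```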