[RDBMS] BREAKING CHANGE: az postgres flexible-server create/update/ad-admin: Rename deprecated references to Microsoft Entra

src/azure-cli/azure/cli/command_modules/rdbms/_breaking_change.py

@@ -3,8 +3,8 @@
 # Licensed under the MIT License. See License.txt in the project root for license information.
 # --------------------------------------------------------------------------------------------
 
-from azure.cli.core.breaking_change import register_command_group_deprecate, register_default_value_breaking_change, \
-    register_argument_deprecate, register_other_breaking_change, register_logic_breaking_change
+from azure.cli.core.breaking_change import register_default_value_breaking_change, \
+    register_other_breaking_change, register_logic_breaking_change
 
 
 register_logic_breaking_change('postgres flexible-server create', 'Update default value of "--sku-name"',
@@ -13,9 +13,6 @@
 register_default_value_breaking_change('postgres flexible-server create', '--version', '16', '17')
 register_default_value_breaking_change('postgres flexible-server create', '--create-default-database', 'Enabled',
                                        'Disabled')
-register_argument_deprecate('postgres flexible-server create', '--active-directory-auth', '--microsoft-entra-auth')
-register_argument_deprecate('postgres flexible-server update', '--active-directory-auth', '--microsoft-entra-auth')
-register_command_group_deprecate('postgres flexible-server ad-admin', redirect='microsoft-entra-admin')
 register_other_breaking_change('postgres flexible-server update',
                                message='User confirmation will be needed for compute and storage updates '
                                'that trigger a restart of the server.')

src/azure-cli/azure/cli/command_modules/rdbms/_client_factory.py

@@ -370,7 +370,7 @@ def cf_postgres_flexible_operations(cli_ctx, _):
     return get_postgresql_flexible_management_client(cli_ctx).flexible_server
 
 
-def cf_postgres_flexible_adadmin(cli_ctx, _):
+def cf_postgres_flexible_admin(cli_ctx, _):
     return get_postgresql_flexible_management_client(cli_ctx).administrators
 
 

src/azure-cli/azure/cli/command_modules/rdbms/_helptext_pg.py

@@ -950,53 +950,6 @@
     text: az postgres flexible-server identity list -g testgroup -s testsvr
 """
 
-helps['postgres flexible-server ad-admin'] = """
-type: group
-short-summary: Manage server Microsoft Entra administrators.
-"""
-
-helps['postgres flexible-server ad-admin create'] = """
-type: command
-short-summary: Create a Microsoft Entra administrator.
-examples:
-  - name: Create Microsoft Entra administrator with user 'john@contoso.com', administrator ID '00000000-0000-0000-0000-000000000000' and type User.
-    text: az postgres flexible-server ad-admin create -g testgroup -s testsvr -u john@contoso.com -i 00000000-0000-0000-0000-000000000000 -t User
-"""
-
-helps['postgres flexible-server ad-admin delete'] = """
-type: command
-short-summary: Delete a Microsoft Entra administrator.
-examples:
-  - name: Delete Microsoft Entra administrator with ID '00000000-0000-0000-0000-000000000000'.
-    text: az postgres flexible-server ad-admin delete -g testgroup -s testsvr -i 00000000-0000-0000-0000-000000000000
-"""
-
-helps['postgres flexible-server ad-admin list'] = """
-type: command
-short-summary: List all Microsoft Entra administrators.
-examples:
-  - name: List Microsoft Entra administrators.
-    text: az postgres flexible-server ad-admin list -g testgroup -s testsvr
-"""
-
-helps['postgres flexible-server ad-admin show'] = """
-type: command
-short-summary: Get a Microsoft Entra administrator.
-examples:
-  - name: Get Microsoft Entra administrator with ID '00000000-0000-0000-0000-000000000000'.
-    text: az postgres flexible-server ad-admin show -g testgroup -s testsvr -i 00000000-0000-0000-0000-000000000000
-"""
-
-helps['postgres flexible-server ad-admin wait'] = """
-type: command
-short-summary: Wait for a Microsoft Entra administrator to satisfy certain conditions.
-examples:
-  - name: Wait until a Microsoft Entra administrator exists.
-    text: az postgres flexible-server ad-admin wait -g testgroup -s testsvr -i 00000000-0000-0000-0000-000000000000 --exists
-  - name: Wait for a Microsoft Entra administrator to be deleted.
-    text: az postgres flexible-server ad-admin wait -g testgroup -s testsvr -i 00000000-0000-0000-0000-000000000000 --deleted
-"""
-
 helps['postgres flexible-server microsoft-entra-admin'] = """
 type: group
 short-summary: Manage server Microsoft Entra administrators.

src/azure-cli/azure/cli/command_modules/rdbms/_params.py

@@ -526,12 +526,6 @@ def _flexible_server_params(command_group):
             validator=validate_identities
         )
 
-        active_directory_auth_arg_type = CLIArgumentType(
-            options_list=['--active-directory-auth'],
-            arg_type=get_enum_type(['Enabled', 'Disabled']),
-            help='Whether Microsoft Entra authentication is enabled.'
-        )
-
         microsoft_entra_auth_arg_type = CLIArgumentType(
             options_list=['--microsoft-entra-auth'],
             arg_type=get_enum_type(['Enabled', 'Disabled']),
@@ -599,7 +593,6 @@ def _flexible_server_params(command_group):
                 c.argument('storage_gb', default='128', arg_type=storage_gb_arg_type)
                 c.argument('version', default='17', arg_type=version_arg_type)
                 c.argument('backup_retention', default=7, arg_type=pg_backup_retention_arg_type)
-                c.argument('active_directory_auth', default='Disabled', arg_type=active_directory_auth_arg_type)
                 c.argument('microsoft_entra_auth', default='Disabled', arg_type=microsoft_entra_auth_arg_type)
                 c.argument('admin_id', options_list=['--admin-object-id', '-i'], help='The unique ID of the Microsoft Entra administrator.')
                 c.argument('admin_name', options_list=['--admin-display-name', '-m'], help='Display name of the Microsoft Entra administrator user or group.')
@@ -753,7 +746,6 @@ def _flexible_server_params(command_group):
                 c.argument('iops', default=None, arg_type=iops_v2_arg_type)
                 c.argument('throughput', default=None, arg_type=throughput_arg_type)
                 c.argument('backup_retention', arg_type=pg_backup_retention_arg_type)
-                c.argument('active_directory_auth', arg_type=active_directory_auth_arg_type)
                 c.argument('microsoft_entra_auth', arg_type=microsoft_entra_auth_arg_type)
                 c.argument('password_auth', arg_type=password_auth_arg_type)
                 c.argument('private_dns_zone_arguments', private_dns_zone_arguments_arg_type)
@@ -983,19 +975,6 @@ def _flexible_server_params(command_group):
                     c.argument('database_names', options_list=['--database-names', '-d'], nargs='+',
                                help='Space-separated list of the database names to be mirrored. Required if --mirroring is enabled.')
 
-        # ad-admin - Rename and deprecate group
-        with self.argument_context('{} flexible-server ad-admin'.format(command_group)) as c:
-            c.argument('server_name', id_part=None, options_list=['--server-name', '-s'], arg_type=server_name_arg_type)
-
-        for scope in ['create', 'show', 'delete', 'wait']:
-            with self.argument_context('{} flexible-server ad-admin {}'.format(command_group, scope)) as c:
-                c.argument('sid', options_list=['--object-id', '-i'], help='The unique ID of the Microsoft Entra administrator.')
-
-        with self.argument_context('{} flexible-server ad-admin create'.format(command_group)) as c:
-            c.argument('login', options_list=['--display-name', '-u'], help='Display name of the Microsoft Entra administrator user or group.')
-            c.argument('principal_type', options_list=['--type', '-t'], default='User', arg_type=get_enum_type(['User', 'Group', 'ServicePrincipal', 'Unknown']), help='Type of the Microsoft Entra administrator.')
-            c.argument('identity', help='Name or ID of identity used for AAD Authentication.', validator=validate_identity)
-
         # microsoft-entra-admin
         with self.argument_context('{} flexible-server microsoft-entra-admin'.format(command_group)) as c:
             c.argument('server_name', id_part=None, options_list=['--server-name', '-s'], arg_type=server_name_arg_type)

src/azure-cli/azure/cli/command_modules/rdbms/flexible_server_commands.py

@@ -16,7 +16,7 @@
     cf_postgres_flexible_ltr_backups,
     cf_postgres_flexible_operations,
     cf_postgres_flexible_replica,
-    cf_postgres_flexible_adadmin,
+    cf_postgres_flexible_admin,
     cf_postgres_flexible_migrations,
     cf_postgres_flexible_private_endpoint_connection,
     cf_postgres_flexible_private_endpoint_connections,
@@ -85,9 +85,9 @@ def load_flexibleserver_command_table(self, _):
         client_factory=cf_postgres_flexible_replica
     )
 
-    postgres_flexible_adadmin_sdk = CliCommandType(
+    postgres_flexible_admin_sdk = CliCommandType(
         operations_tmpl='azure.mgmt.postgresqlflexibleservers.operations#AdministratorsOperations.{}',
-        client_factory=cf_postgres_flexible_adadmin
+        client_factory=cf_postgres_flexible_admin
     )
 
     postgres_flexible_migrations_sdk = CliCommandType(
@@ -249,23 +249,14 @@ def load_flexibleserver_command_table(self, _):
         g.custom_show_command('show', 'flexible_server_identity_show')
         g.custom_command('list', 'flexible_server_identity_list')
 
-    with self.command_group('postgres flexible-server ad-admin', postgres_flexible_adadmin_sdk,
+    with self.command_group('postgres flexible-server microsoft-entra-admin', postgres_flexible_admin_sdk,
                             custom_command_type=flexible_servers_custom_postgres,
-                            client_factory=cf_postgres_flexible_adadmin) as g:
-        g.custom_command('create', 'flexible_server_ad_admin_set', supports_no_wait=True)
-        g.custom_command('delete', 'flexible_server_ad_admin_delete', supports_no_wait=True, confirmation=True)
-        g.custom_command('list', 'flexible_server_ad_admin_list')
-        g.custom_show_command('show', 'flexible_server_ad_admin_show')
-        g.custom_wait_command('wait', 'flexible_server_ad_admin_show')
-
-    with self.command_group('postgres flexible-server microsoft-entra-admin', postgres_flexible_adadmin_sdk,
-                            custom_command_type=flexible_servers_custom_postgres,
-                            client_factory=cf_postgres_flexible_adadmin) as g:
-        g.custom_command('create', 'flexible_server_ad_admin_set', supports_no_wait=True)
-        g.custom_command('delete', 'flexible_server_ad_admin_delete', supports_no_wait=True, confirmation=True)
-        g.custom_command('list', 'flexible_server_ad_admin_list')
-        g.custom_show_command('show', 'flexible_server_ad_admin_show')
-        g.custom_wait_command('wait', 'flexible_server_ad_admin_show')
+                            client_factory=cf_postgres_flexible_admin) as g:
+        g.custom_command('create', 'flexible_server_microsoft_entra_admin_set', supports_no_wait=True)
+        g.custom_command('delete', 'flexible_server_microsoft_entra_admin_delete', supports_no_wait=True, confirmation=True)
+        g.custom_command('list', 'flexible_server_microsoft_entra_admin_list')
+        g.custom_show_command('show', 'flexible_server_microsoft_entra_admin_show')
+        g.custom_wait_command('wait', 'flexible_server_microsoft_entra_admin_show')
 
     with self.command_group('postgres flexible-server advanced-threat-protection-setting', postgres_flexible_server_threat_protection_settings_sdk,
                             custom_command_type=flexible_servers_custom_postgres,

src/azure-cli/azure/cli/command_modules/rdbms/flexible_server_custom_postgres.py

@@ -30,7 +30,7 @@
     cf_postgres_flexible_private_dns_zone_suffix_operations, \
     cf_postgres_flexible_private_endpoint_connections, \
     cf_postgres_flexible_tuning_options, \
-    cf_postgres_flexible_config, cf_postgres_flexible_adadmin
+    cf_postgres_flexible_config, cf_postgres_flexible_admin
 from ._flexible_server_util import generate_missing_parameters, resolve_poller, \
     generate_password, parse_maintenance_window, get_current_time, build_identity_and_data_encryption, \
     _is_resource_name, get_tenant_id, get_case_insensitive_key_value, get_enum_value_true_false
@@ -58,7 +58,7 @@ def flexible_server_create(cmd, client,
                            resource_group_name=None, server_name=None,
                            location=None, backup_retention=None,
                            sku_name=None, tier=None,
-                           storage_gb=None, version=None, active_directory_auth=None, microsoft_entra_auth=None,
+                           storage_gb=None, version=None, microsoft_entra_auth=None,
                            admin_name=None, admin_id=None, admin_type=None,
                            password_auth=None, administrator_login=None, administrator_login_password=None,
                            tags=None, database_name=None,
@@ -106,7 +106,7 @@ def flexible_server_create(cmd, client,
                            backup_byok_key=backup_byok_key,
                            performance_tier=performance_tier,
                            create_cluster=create_cluster,
-                           password_auth=password_auth, active_directory_auth=active_directory_auth, microsoft_entra_auth=microsoft_entra_auth,
+                           password_auth=password_auth, microsoft_entra_auth=microsoft_entra_auth,
                            admin_name=admin_name, admin_id=admin_id, admin_type=admin_type,)
 
     cluster = None
@@ -140,8 +140,7 @@ def flexible_server_create(cmd, client,
                                                                            standby_availability_zone=standby_availability_zone)
 
     is_password_auth_enabled = bool(password_auth is not None and password_auth.lower() == 'enabled')
-    is_microsoft_entra_auth_enabled = bool(active_directory_auth is not None and active_directory_auth.lower() == 'enabled') or \
-        bool(microsoft_entra_auth is not None and microsoft_entra_auth.lower() == 'enabled')
+    is_microsoft_entra_auth_enabled = bool(microsoft_entra_auth is not None and microsoft_entra_auth.lower() == 'enabled')
     if is_password_auth_enabled:
         administrator_login_password = generate_password(administrator_login_password)
 
@@ -175,7 +174,7 @@ def flexible_server_create(cmd, client,
 
     # Add Microsoft Entra Admin
     if is_microsoft_entra_auth_enabled and admin_name is not None or admin_id is not None:
-        server_admin_client = cf_postgres_flexible_adadmin(cmd.cli_ctx, '_')
+        server_admin_client = cf_postgres_flexible_admin(cmd.cli_ctx, '_')
         logger.warning("Add Microsoft Entra Admin '%s'.", admin_name)
         _create_admin(server_admin_client, resource_group_name, server_name, admin_name, admin_id, admin_type)
 
@@ -312,7 +311,7 @@ def flexible_server_update_custom_func(cmd, client, instance,
                                        maintenance_window=None,
                                        byok_identity=None, byok_key=None,
                                        backup_byok_identity=None, backup_byok_key=None,
-                                       active_directory_auth=None, microsoft_entra_auth=None, password_auth=None,
+                                       microsoft_entra_auth=None, password_auth=None,
                                        private_dns_zone_arguments=None,
                                        public_access=None,
                                        tags=None,
@@ -426,8 +425,8 @@ def flexible_server_update_custom_func(cmd, client, instance,
 
     auth_config = instance.auth_config
     administrator_login = instance.administrator_login if instance.administrator_login else None
-    if active_directory_auth or microsoft_entra_auth:
-        auth_config.active_directory_auth = active_directory_auth if active_directory_auth else microsoft_entra_auth
+    if microsoft_entra_auth:
+        auth_config.active_directory_auth = microsoft_entra_auth
     if password_auth:
         administrator_login, administrator_login_password = _update_login(server_name, resource_group_name, auth_config,
                                                                           password_auth, administrator_login, administrator_login_password)
@@ -1086,7 +1085,7 @@ def flexible_server_identity_show(cmd, client, resource_group_name, server_name,
 
 
 # Custom functions for ad-admin
-def flexible_server_ad_admin_set(cmd, client, resource_group_name, server_name, login, sid, principal_type=None, no_wait=False):
+def flexible_server_microsoft_entra_admin_set(cmd, client, resource_group_name, server_name, login, sid, principal_type=None, no_wait=False):
     validate_resource_group(resource_group_name)
 
     server_operations_client = cf_postgres_flexible_servers(cmd.cli_ctx, '_')
@@ -1110,7 +1109,7 @@ def _create_admin(client, resource_group_name, server_name, principal_name, sid,
     return sdk_no_wait(no_wait, client.begin_create, resource_group_name, server_name, sid, parameters)
 
 
-def flexible_server_ad_admin_delete(cmd, client, resource_group_name, server_name, sid, no_wait=False):
+def flexible_server_microsoft_entra_admin_delete(cmd, client, resource_group_name, server_name, sid, no_wait=False):
     validate_resource_group(resource_group_name)
 
     server_operations_client = cf_postgres_flexible_servers(cmd.cli_ctx, '_')
@@ -1123,15 +1122,15 @@ def flexible_server_ad_admin_delete(cmd, client, resource_group_name, server_nam
     return sdk_no_wait(no_wait, client.begin_delete, resource_group_name, server_name, sid)
 
 
-def flexible_server_ad_admin_list(client, resource_group_name, server_name):
+def flexible_server_microsoft_entra_admin_list(client, resource_group_name, server_name):
     validate_resource_group(resource_group_name)
 
     return client.list_by_server(
         resource_group_name=resource_group_name,
         server_name=server_name)
 
 
-def flexible_server_ad_admin_show(client, resource_group_name, server_name, sid):
+def flexible_server_microsoft_entra_admin_show(client, resource_group_name, server_name, sid):
     validate_resource_group(resource_group_name)
 
     return client.get(