Prerequisites for Flexible Server
Ensure that a separate subnet is attached to it with delegation (Microsoft.DBforPostgreSWL/flexibleServers and service endpoints Storage, KeyVault, SQL, and Web).
If using an existing Azure Database for Postgres Flexible Server, Contributor role permission must be attached to managed identity on the resource level to start/stop the Postgres Flexible server through scheduling.
The DNS zone of the Flexible servers must be in the same Resource Group.
Flexible servers in different Resource Groups and Kyvos resources in different Resource Groups are not supported.
To use an externally created Flexible Server in deployments, use ARM template (FlexibleServerKyvosManagerRepository and FlexibleServerKyvosRepository) to create a Flexible Server that can be used in the deployments directly. OR, you can also create Flexible Server version 13 (supported for both new deployments and upgrades) through Microsoft, then you need to complete the following steps. For more information about how to create Flexible Server, refer to Microsoft documentation.
For Kyvos repository
Database name must be delverepo.
Username must be postgres
Following tags are expected on the external repository:
UsedBy - Kyvos
ROLE - DATABASE
LAYER - Metadata_Storage
For Kyvos Manager repository
Database name must be kmrepo.
Username must be kmdbuser
Following tags are expected on the external repository:
UsedBy - Kyvos
ROLE - DATABASE_KM
LAYER - Metadata_Storage
 Wizard-based Deployment
Flexible Server password prerequisites for Wizard based deployment:
For Kyvos shared repository, password of existing repository needs to be provided.
For Kyvos non-shared repository, password of repository needs to be as delve123@. However, the user can provide any password of his choice on wizard window. Kyvos repository password will be changed after deployment.
If using external repository for Kyvos Manager, you must provide repository password as kyvosmanager#123
Automated Deployment
Note
For automated deployment, no action is needed as:
Newly created Flexible Server: User provided password will be used for repository. No password change is required.
Existing Flexible Server: Password of the existing repository needs to be provided. No password change is required.
 Points to know
Using the same external repository instance is not recommended/certified for KyvosManager & Kyvos both. Cluster scheduling with non-shared repo will cause the DB instance to go down; thus, the Kyvos Manager will not work properly.
If the same repository instance is used, then the database for Kyvos Manager and Kyvos must be different.Â
The default database name for:Â ÂKyvos is delverepo.Â
Kyvos Manager is kmrepo.Â
If any time the same external repository instance gets configured in Kyvos Manager and Kyvos. In that case, ensure that on the Switch Repository page of Kyvos Manager, the Shared repository is checked and configuration is saved.
Copyright Kyvos, Inc. All rights reserved.