Altinn · Ceredron · Aug 14, 2024 · Aug 13, 2024 · Aug 13, 2024 · Aug 13, 2024
diff --git a/.azure/modules/postgreSql/AddAdministrationAccess.bicep b/.azure/modules/postgreSql/AddAdministrationAccess.bicep
@@ -4,7 +4,7 @@ param appName string
 param namePrefix string
 
 resource database 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' existing = {
-  name: '${namePrefix}-pgflex'
+  name: '${namePrefix}-dbserver'
 }
 resource databaseAccess 'Microsoft.DBforPostgreSQL/flexibleServers/administrators@2022-12-01' = {
   name: principalId

diff --git a/.azure/modules/postgreSql/create.bicep b/.azure/modules/postgreSql/create.bicep
@@ -38,12 +38,12 @@ module saveMigrationConnectionString '../keyvault/upsertSecret.bicep' = {
   params: {
     destKeyVaultName: srcKeyVault.name
     secretName: migrationConnectionStringName
-    secretValue: 'Host=${postgres.properties.fullyQualifiedDomainName};Database=${databaseName};Port=5432;Username=${databaseUser};Password=${administratorLoginPassword};'
+    secretValue: 'Host=${postgres.properties.fullyQualifiedDomainName};Database=${databaseName};Port=5432;Username=${databaseUser};Password=${administratorLoginPassword};options=-c role=azure_pg_admin;'
   }
 }
 
 resource postgres 'Microsoft.DBforPostgreSQL/flexibleServers@2023-06-01-preview' = {
-  name: '${namePrefix}-pgflex'
+  name: '${namePrefix}-dbserver'
   location: location
   properties: {
     version: '14'

diff --git a/README-infrastructure.md b/README-infrastructure.md
@@ -56,7 +56,7 @@ Cannot be automated as our deploying service principal does not have access to i
 
 The database uses IP blocking for security reasons so to get access you need to add a firewall rule on the database server for your IP. You also need to set yourself as an AD administrator with access to the database.
 
-1. Go to the database server in the Azure Portal (name ends in "-pgflex")
+1. Go to the database server in the Azure Portal (name ends in "-dbserver")
 2. Go Settings > Networking and click "Add current client IP address"
 3. Go Security > Authentication and use "Add Microsoft Entra Admins" to add yourself.
 4. After you have added yourself, you will see your AD user in the list of admins. Use the username from here and use an Azure Access token for password that can be generated using the CLI:

diff --git a/src/Altinn.Correspondence.Persistence/Data/DatabaseContext.cs b/src/Altinn.Correspondence.Persistence/Data/DatabaseContext.cs
@@ -1,6 +1,7 @@
 using Altinn.Correspondence.Core.Models;
 using Azure.Identity;
 using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
 using Microsoft.IdentityModel.Tokens;
 using Npgsql;
 using System.IdentityModel.Tokens.Jwt;
@@ -48,4 +49,9 @@ private bool IsAccessTokenValid()
         SecurityToken token = tokenHandler.ReadToken(_accessToken);
         return DateTime.UtcNow.AddSeconds(60) < token.ValidTo;
     }
+
+    protected override void OnModelCreating(ModelBuilder modelBuilder)
+    {
+        modelBuilder.HasDefaultSchema("correspondence");
+    }
 }
diff --git a/...240812133330_Initial_DB_Setup.Designer.cs → ...240814104030_Initial_DB_Setup.Designer.cs b/...240812133330_Initial_DB_Setup.Designer.cs → ...240814104030_Initial_DB_Setup.Designer.cs