diff --git a/testsuite/model/README.md b/testsuite/model/README.md
index 6b91873bc5f..45fc693701a 100644
--- a/testsuite/model/README.md
+++ b/testsuite/model/README.md
@@ -104,3 +104,21 @@ mvn test -Phot-rod \
   -Dkeycloak.connectionsHotRod.username=<username> \
   -Dkeycloak.connectionsHotRod.password=<password>
 ```
+
+Running tests with `map-jpa` profile using external Postgres database
+---------------------------------------------
+
+By default, Model tests with `map-jpa` profile spawns a new Postgres container
+with each test execution. Default image used is "postgres:alpine". To spawn different 
+version, it can be used "keycloak.map.storage.postgres.docker.image" system property.
+
+It is also possible, to configure Model tests to connect to an external instance 
+of Postgres. To do so, execute tests with the following command:
+```shell
+mvn test -Pmap-jpa \
+  -Dpostgres.start-container=false \
+  -Dkeycloak.map.storage.connectionsJpa.url=<jdbc_url> \
+  -Dkeycloak.map.storage.connectionsJpa.user=<user> \
+  -Dkeycloak.map.storage.connectionsJpa.password=<password>
+```
+
diff --git a/testsuite/model/pom.xml b/testsuite/model/pom.xml
index a4a0fa44725..9e6bd980f86 100644
--- a/testsuite/model/pom.xml
+++ b/testsuite/model/pom.xml
@@ -121,6 +121,12 @@
             <version>${testcontainers.version}</version>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>org.testcontainers</groupId>
+            <artifactId>postgresql</artifactId>
+            <version>${testcontainers.version}</version>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
     <build>
diff --git a/testsuite/model/src/test/java/org/keycloak/testsuite/model/authz/ConcurrentAuthzTest.java b/testsuite/model/src/test/java/org/keycloak/testsuite/model/authz/ConcurrentAuthzTest.java
index d3fa2c744c8..a5c1a44aa6f 100644
--- a/testsuite/model/src/test/java/org/keycloak/testsuite/model/authz/ConcurrentAuthzTest.java
+++ b/testsuite/model/src/test/java/org/keycloak/testsuite/model/authz/ConcurrentAuthzTest.java
@@ -29,6 +29,7 @@ import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
 import org.keycloak.models.RealmProvider;
 import org.keycloak.models.UserModel;
+import org.keycloak.models.cache.authorization.CachedStoreFactoryProvider;
 import org.keycloak.models.utils.KeycloakModelUtils;
 import org.keycloak.models.utils.ModelToRepresentation;
 import org.keycloak.representations.idm.authorization.UmaPermissionRepresentation;
@@ -47,7 +48,7 @@ import static org.hamcrest.CoreMatchers.nullValue;
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.hamcrest.Matchers.contains;
 
-@RequireProvider(AuthorizationProvider.class)
+@RequireProvider(CachedStoreFactoryProvider.class)
 @RequireProvider(RealmProvider.class)
 @RequireProvider(ClientProvider.class)
 public class ConcurrentAuthzTest extends KeycloakModelTest {
diff --git a/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/JpaMapStorage.java b/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/JpaMapStorage.java
index 8171a9e70ac..c7d0d9ddf95 100644
--- a/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/JpaMapStorage.java
+++ b/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/JpaMapStorage.java
@@ -52,11 +52,21 @@ import org.keycloak.provider.Spi;
 import org.keycloak.sessions.AuthenticationSessionSpi;
 import org.keycloak.testsuite.model.Config;
 import org.keycloak.testsuite.model.KeycloakModelParameters;
+import org.testcontainers.containers.PostgreSQLContainer;
 
 public class JpaMapStorage extends KeycloakModelParameters {
 
     private static final Logger LOG = Logger.getLogger(JpaMapStorage.class.getName());
 
+    private static final Boolean START_CONTAINER = Boolean.valueOf(System.getProperty("postgres.start-container", "true"));
+    private static final String POSTGRES_DOCKER_IMAGE_NAME = System.getProperty("keycloak.map.storage.postgres.docker.image", "postgres:alpine");
+    private static final PostgreSQLContainer POSTGRES_CONTAINER = new PostgreSQLContainer(POSTGRES_DOCKER_IMAGE_NAME);
+    private static final String POSTGRES_DB_DEFAULT_NAME = System.getProperty("keycloak.map.storage.connectionsJpa.databaseName", "keycloak");
+    private static final String POSTGRES_DB_USER = System.getProperty("keycloak.map.storage.connectionsJpa.user", "keycloak");
+    private static final String POSTGRES_DB_PASSWORD = System.getProperty("keycloak.map.storage.connectionsJpa.password", "pass");
+
+    private static String POSTGRES_DB_JDBC_URL = System.getProperty("keycloak.map.storage.connectionsJpa.url");
+
     static final Set<Class<? extends Spi>> ALLOWED_SPIS = ImmutableSet.<Class<? extends Spi>>builder()
             .add(MapJpaUpdaterSpi.class)
             .add(MapLiquibaseConnectionSpi.class)
@@ -81,9 +91,9 @@ public class JpaMapStorage extends KeycloakModelParameters {
 
         cf.spi(MapStorageSpi.NAME)
                 .provider(JpaMapStorageProviderFactory.PROVIDER_ID)
-                .config("url", System.getProperty("keycloak.map.storage.connectionsJpa.url"))
-                .config("user", System.getProperty("keycloak.map.storage.connectionsJpa.user"))
-                .config("password", System.getProperty("keycloak.map.storage.connectionsJpa.password"))
+                .config("url", POSTGRES_DB_JDBC_URL)
+                .config("user", POSTGRES_DB_USER)
+                .config("password", POSTGRES_DB_PASSWORD)
                 .config("driver", "org.postgresql.Driver")
                 .config("driverDialect", "org.keycloak.models.map.storage.jpa.hibernate.dialect.JsonbPostgreSQL95Dialect");
 
@@ -104,4 +114,24 @@ public class JpaMapStorage extends KeycloakModelParameters {
           .spi(EventStoreSpi.NAME).provider(MapEventStoreProviderFactory.PROVIDER_ID)                                   .config("storage-admin-events.provider", JpaMapStorageProviderFactory.PROVIDER_ID)
                                                                                                                         .config("storage-auth-events.provider", JpaMapStorageProviderFactory.PROVIDER_ID);
     }
+
+    @Override
+    public void beforeSuite(Config cf) {
+        if (START_CONTAINER) {
+            POSTGRES_CONTAINER
+                    .withDatabaseName(POSTGRES_DB_DEFAULT_NAME)
+                    .withUsername(POSTGRES_DB_USER)
+                    .withPassword(POSTGRES_DB_PASSWORD)
+                    .start();
+
+            POSTGRES_DB_JDBC_URL = POSTGRES_CONTAINER.getJdbcUrl();
+        }
+    }
+
+    @Override
+    public void afterSuite() {
+        if (START_CONTAINER) {
+            POSTGRES_CONTAINER.stop();
+        }
+    }
 }
diff --git a/testsuite/model/test-all-profiles.sh b/testsuite/model/test-all-profiles.sh
index 939979809e6..5d21c6ad2f6 100755
--- a/testsuite/model/test-all-profiles.sh
+++ b/testsuite/model/test-all-profiles.sh
@@ -12,11 +12,6 @@ mvn -version
 EXIT_CODE=0
 mvn clean
 for I in `perl -ne 'print "$1\n" if (m,<id>([^.<]+)</id>,)' pom.xml`; do
-
-    ## skip map-jpa for GHA
-    if [[ $I == 'map-jpa' ]]; then 
-        continue
-    fi
     echo "========"
     echo "======== Start of Profile $I"
     echo "========"