Loading source
Pulling the file list, source metadata, and syntax-aware rendering for this listing.
Source from repo
Prepare Azure environments for new workloads—subscriptions, networking, identity, and landing zones
Files
Skill
Size
Entrypoint
Format
Open file
Syntax-highlighted preview of this file as included in the skill package.
references/services/app-service/templates/recipes/redis/README.md
1# Azure Cache for Redis Recipe — REFERENCE ONLY2Adds Azure Cache for Redis integration to an App Service base template.4## Overview6This recipe composes with a Web API or Web App base template to add distributed caching with Azure Cache for Redis. Uses managed identity for passwordless access.8## Integration Type10| Aspect | Value |12|--------|-------|13| **Service** | Azure Cache for Redis |14| **Auth** | Managed identity (Entra ID access policy) |15| **SKU** | Basic C0 (dev) / Standard C1+ (production) |16| **Protocol** | Redis 6.0+ with TLS |17| **Local Auth** | Disabled — Entra ID only |18## Composition Steps20Apply these steps AFTER `azd init -t <base-template>`:22| # | Step | Details |24|---|------|---------|25| 1 | **Add IaC module** | Add Redis Bicep module to `infra/app/` |26| 2 | **Wire into main** | Add module reference in `main.bicep` |27| 3 | **Add app settings** | Add Redis host name + port settings |28| 4 | **Add source code** | Add cache client setup from examples below |29| 5 | **Add packages** | Add Redis client packages |30## App Settings32| Setting | Value | Purpose |34|---------|-------|---------|35| `REDIS_HOST` | `{name}.redis.cache.windows.net` | Redis host name |36| `REDIS_PORT` | `6380` | TLS port |37### Bicep App Settings Block39```bicep41appSettings: [42{ name: 'REDIS_HOST', value: redis.outputs.hostName }43{ name: 'REDIS_PORT', value: '6380' }44]45```46> **Note:** With managed identity, no access key is needed. The Redis client uses `DefaultAzureCredential` to obtain a token.48## RBAC Roles Required50| Role | GUID | Scope | Purpose |52|------|------|-------|---------|53| **Redis Cache Contributor** | `e0f68234-74aa-48ed-b826-c38b57376e17` | Redis cache | Manage cache |54> For data plane access with Entra ID, configure the Redis access policy to grant the managed identity `Data Owner` or `Data Contributor` access.56## Resources Created58| Resource | Type | Purpose |60|----------|------|---------|61| Redis Cache | `Microsoft.Cache/redis` | Distributed cache |62| Access Policy | `Microsoft.Cache/redis/accessPolicyAssignments` | MI data access |63| Private Endpoint | `Microsoft.Network/privateEndpoints` | VNet-only access (conditional) |64## Source Code Examples66| Language | Source File |68|----------|-------------|69| C# (ASP.NET Core) | [source/dotnet.md](source/dotnet.md) |70| Python | [source/python.md](source/python.md) |71| Node.js | [source/nodejs.md](source/nodejs.md) |72> ⚠️ **Token expiry:** Entra ID access tokens expire in ~1 hour. The C# example uses `ConfigureForAzureWithTokenCredentialAsync` which handles automatic token renewal. Python and Node.js examples require a connection factory pattern — see the source files for a refresh-capable implementation.74## Networking (when VNET_ENABLED=true)76| Component | Details |78|-----------|---------|79| **Private endpoint** | Redis → App Service VNet subnet |80| **Private DNS zone** | `privatelink.redis.cache.windows.net` |81## References83- [Azure Cache for Redis overview](https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-overview)85- [Use Entra ID with Redis](https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-azure-active-directory-for-authentication)86- [Redis + App Service tutorial](https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-web-app-howto)87