Spring Cloud Azure Redis support

This article applies to: ✅ Version 4.19.0 ✅ Version 5.19.0

This article describes how you can use Spring Cloud Azure and Spring Data Redis together and provide various types of credentials for authentication to Azure Cache for Redis.

Azure Cache for Redis provides an in-memory data store based on the Redis software. Redis improves the performance and scalability of an application that uses backend data stores heavily.

Supported Redis versions

For supported versions, see Current versions.

Core features

Passwordless connection

Passwordless connection uses Microsoft Entra authentication for connecting to Azure services without storing any credentials in the application, its configuration files, or in environment variables. Microsoft Entra authentication is a mechanism for connecting to Azure Cache for Redis using identities defined in Microsoft Entra ID. With Microsoft Entra authentication, you can manage cache identities and other Microsoft services in a central location, which simplifies permission management.

How it works

Spring Cloud Azure first builds one of the following types of credentials depending on the application authentication configuration:

  • ClientSecretCredential
  • ClientCertificateCredential
  • UsernamePasswordCredential
  • ManagedIdentityCredential

If none of these types of credentials are found, the credential chain via DefaultTokenCredential is used to obtain credentials from application properties, environment variables, managed identity, or IDEs. For more information, see Spring Cloud Azure authentication.

Configuration

Configurable properties when using Redis support:

Property Description Default Value Required
spring.cloud.azure.redis.enabled Whether an Azure Cache for Redis is enabled. true No
spring.cloud.azure.redis.name Azure Cache for Redis instance name. Yes
spring.cloud.azure.redis.resource.resource-group The resource group of Azure Cache for Redis. Yes
spring.cloud.azure.profile.subscription-id The subscription ID. Yes
spring.data.redis.azure.passwordless-enabled Whether to enable passwordless for Azure Cache for Redis. false No

Basic usage

The following sections show the classic Spring Boot application usage scenarios.

Connect to Azure Cache for Redis with passwordless

  1. Add the following dependency to your project. This automatically includes the spring-boot-starter dependency in your project transitively.

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-data-redis</artifactId>
    </dependency>
    <dependency>
        <groupId>com.azure.spring</groupId>
        <artifactId>spring-cloud-azure-starter-data-redis-lettuce</artifactId>
    </dependency>
    

    Note

    Passwordless connections have been supported since version 5.19.0.

    Remember to add the BOM spring-cloud-azure-dependencies along with the above dependency. For more information, see the Getting started section of the Spring Cloud Azure developer guide.

  2. Configure the following properties in your application.yml file:

    spring:
      data:
        redis:
          host: ${AZURE_CACHE_REDIS_HOST}
          username: ${AZURE_CACHE_REDIS_USERNAME}
          port: 6380
          ssl:
            enabled: true
          azure:
            passwordless-enabled: true
    

    Important

    Passwordless connection uses Microsoft Entra authentication. To use Microsoft Entra authentication, you should enable Microsoft Entra Authentication and select user(managed identity/service principal) to assign Data Owner Access Policy.

    For more information and to get the value for username, see the Enable Microsoft Entra ID authentication on your cache section of Use Microsoft Entra ID for cache authentication.

Connect to Azure Cache for Redis with managed identity

  1. To use the managed identity, you need enable the managed identity for your service and enable Microsoft Entra authentication on your cache.

  2. Then, add the following properties in your application.yml file:

    spring:
      cloud:
        azure:
          credential:
            managed-identity-enabled: true
    

    Important

    The redis.username should change to the managed identity object (principal) ID.

    If you're using user-assigned managed identity, you also need to add the property spring.cloud.azure.credential.client-id with your user-assigned managed identity client ID.

Connect to Azure Cache for Redis via Azure Resource Manager

Use the following steps to connect to Azure Cache for Redis:

  1. Add the following dependency to your project. This automatically includes the spring-boot-starter dependency in your project transitively.

    <dependency>
        <groupId>com.azure.spring</groupId>
        <artifactId>spring-cloud-azure-starter-data-redis-lettuce</artifactId>
    </dependency>
    <dependency>
        <groupId>com.azure.spring</groupId>
        <artifactId>spring-cloud-azure-resourcemanager</artifactId>
    </dependency>
    <dependency>
        <groupId>com.azure.spring</groupId>
        <artifactId>spring-boot-starter-data-redis</artifactId>
    </dependency>
    

    Note

    Remember to add the BOM spring-cloud-azure-dependencies along with the above dependency. For more information, see the Getting started section of the Spring Cloud Azure developer guide.

  1. Configure the following properties in your application.yml file:

    spring:
      cloud:
        azure:
          profile:
            subscription-id: ${AZURE_SUBSCRIPTION_ID}
          redis:
            name: ${AZURE_CACHE_REDIS_NAME}
            resource:
              resource-group: ${AZURE_RESOURCE_GROUP}
    

Samples

See the azure-spring-boot-samples repository on GitHub.