Create the Redis Data Access configuration from Terraform

Author: nickdala

cache/spring3-sample/spring-cloud-azure-redis-sample-passwordless/README.md

@@ -117,7 +117,7 @@ You can go to [Azure portal](https://ms.portal.azure.com/) in your web browser t
 
 ### Enable Microsoft Entra ID authentication on your cache
 
-Refer [Enable Microsoft Entra ID authentication on your cache](https://learn.microsoft.com/azure/azure-cache-for-redis/cache-azure-active-directory-for-authentication#enable-microsoft-entra-id-authentication-on-your-cache) and copy the value of username.
+Refer to [Enable Microsoft Entra ID authentication on your cache](https://learn.microsoft.com/azure/azure-cache-for-redis/cache-azure-active-directory-for-authentication) for more information.
 
 ### Export Output to Your Local Environment
 Running the command below to export environment values:
@@ -126,21 +126,19 @@ Running the command below to export environment values:
 
 ```shell
 source ./terraform/setup_env.sh
-export AZURE_CACHE_REDIS_USERNAME='<copied-username>'
 ```
 
 #### Run with Powershell
 
 ```shell
 terraform\setup_env.ps1
-$env:AZURE_CACHE_REDIS_USERNAME='<copied-username>'
 ```
 
 If you want to run the sample in debug mode, you can save the output value.
 
 ```shell
 AZURE_CACHE_REDIS_HOST=...
-AZURE_CACHE_REDIS_USERNAME=<copied-username>
+AZURE_CACHE_REDIS_USERNAME=...
 ```
 
 ## Run Locally

cache/spring3-sample/spring-cloud-azure-redis-sample-passwordless/terraform/main.tf

@@ -2,11 +2,11 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "3.9.0"
+      version = "3.110.0"
     }
     azurecaf = {
       source  = "aztfmod/azurecaf"
-      version = "1.2.16"
+      version = "1.2.26"
     }
   }
 }
@@ -35,6 +35,7 @@ resource "azurerm_resource_group" "main" {
 
 # =================== redis ================
 data "azurerm_subscription" "current" { }
+data "azuread_client_config" "current" {}
 
 resource "azurecaf_name" "azurecaf_name_redis" {
   name          = var.application_name
@@ -54,5 +55,15 @@ resource "azurerm_redis_cache" "redis" {
   minimum_tls_version = "1.2"
 
   redis_configuration {
+    enable_authentication = true
+    active_directory_authentication_enabled = true
   }
 }
+
+resource "azurerm_redis_cache_access_policy_assignment" "current_user" {
+  name               = "current-user"
+  redis_cache_id     = azurerm_redis_cache.redis.id
+  access_policy_name = "Data Contributor"
+  object_id          = data.azuread_client_config.current.object_id
+  object_id_alias    = "current-user"
+}

cache/spring3-sample/spring-cloud-azure-redis-sample-passwordless/terraform/outputs.tf

@@ -2,3 +2,8 @@ output "AZURE_CACHE_REDIS_HOST" {
   value       = azurerm_redis_cache.redis.hostname
   description = "The host name of the Redis instance."
 }
+
+output "AZURE_CACHE_REDIS_USERNAME" {
+  value = data.azuread_client_config.current.object_id
+  description = "The username of the Redis instance."
+}

cache/spring3-sample/spring-cloud-azure-redis-sample-passwordless/terraform/setup_env.ps1

@@ -1,3 +1,5 @@
 $env:AZURE_CACHE_REDIS_HOST=$(terraform -chdir=terraform output -raw AZURE_CACHE_REDIS_HOST)
+$env:AZURE_CACHE_REDIS_USERNAME=$(terraform -chdir=terraform output -raw AZURE_CACHE_REDIS_USERNAME)
 
 echo AZURE_CACHE_REDIS_HOST=$env:AZURE_CACHE_REDIS_HOST
+echo AZURE_CACHE_REDIS_USERNAME=$env:AZURE_CACHE_REDIS_USERNAME

cache/spring3-sample/spring-cloud-azure-redis-sample-passwordless/terraform/setup_env.sh

@@ -1,3 +1,5 @@
 export AZURE_CACHE_REDIS_HOST=$(terraform -chdir=./terraform output -raw AZURE_CACHE_REDIS_HOST)
+export AZURE_CACHE_REDIS_USERNAME=$(terraform -chdir=./terraform output -raw AZURE_CACHE_REDIS_USERNAME)
 
 echo AZURE_CACHE_REDIS_HOST=AZURE_CACHE_REDIS_HOST
+echo AZURE_CACHE_REDIS_USERNAME=AZURE_CACHE_REDIS_USERNAME