diff --git a/sdk/redis/azure-resourcemanager-redis/CHANGELOG.md b/sdk/redis/azure-resourcemanager-redis/CHANGELOG.md index f536203cffd7..4d2c7437ec33 100644 --- a/sdk/redis/azure-resourcemanager-redis/CHANGELOG.md +++ b/sdk/redis/azure-resourcemanager-redis/CHANGELOG.md @@ -4,6 +4,8 @@ ### Features Added +- Supported enabling/disabling authentication through access keys for `RedisCache`. + ### Breaking Changes ### Bugs Fixed diff --git a/sdk/redis/azure-resourcemanager-redis/assets.json b/sdk/redis/azure-resourcemanager-redis/assets.json index ff91e635fa8b..d626082c69e9 100644 --- a/sdk/redis/azure-resourcemanager-redis/assets.json +++ b/sdk/redis/azure-resourcemanager-redis/assets.json @@ -2,5 +2,5 @@ "AssetsRepo": "Azure/azure-sdk-assets", "AssetsRepoPrefixPath": "java", "TagPrefix": "java/redis/azure-resourcemanager-redis", - "Tag": "java/redis/azure-resourcemanager-redis_87b73bc96e" + "Tag": "java/redis/azure-resourcemanager-redis_4829c91ebd" } diff --git a/sdk/redis/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/implementation/RedisCacheImpl.java b/sdk/redis/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/implementation/RedisCacheImpl.java index 5fcbb1f737a9..f735066bef05 100644 --- a/sdk/redis/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/implementation/RedisCacheImpl.java +++ b/sdk/redis/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/implementation/RedisCacheImpl.java @@ -380,6 +380,11 @@ public RedisCacheImpl withStaticIp(String staticIp) { return this; } + @Override + public boolean isAccessKeyAuthenticationEnabled() { + return !ResourceManagerUtils.toPrimitiveBoolean(this.innerModel().disableAccessKeyAuthentication()); + } + @Override public RedisCacheImpl withBasicSku() { if (isInCreateMode()) { @@ -742,6 +747,26 @@ public RedisCacheImpl disablePublicNetworkAccess() { return this; } + @Override + public RedisCacheImpl disableAccessKeyAuthentication() { + if (isInCreateMode()) { + createParameters.withDisableAccessKeyAuthentication(true); + } else { + updateParameters.withDisableAccessKeyAuthentication(true); + } + return this; + } + + @Override + public RedisCacheImpl enableAccessKeyAuthentication() { + if (isInCreateMode()) { + createParameters.withDisableAccessKeyAuthentication(false); + } else { + updateParameters.withDisableAccessKeyAuthentication(false); + } + return this; + } + private static final class PrivateLinkResourceImpl implements PrivateLinkResource { private final PrivateLinkResourceInner innerModel; diff --git a/sdk/redis/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/models/RedisCache.java b/sdk/redis/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/models/RedisCache.java index e521588c5ea9..2683f80aa9ec 100644 --- a/sdk/redis/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/models/RedisCache.java +++ b/sdk/redis/azure-resourcemanager-redis/src/main/java/com/azure/resourcemanager/redis/models/RedisCache.java @@ -181,6 +181,15 @@ public interface RedisCache extends GroupableResource { interface WithGroup extends GroupableResource.DefinitionStages.WithGroup { } + /** + * The stage of Redis cache definition allowing to toggle authentication through access keys. + */ + interface WithAccessKeyAuthentication { + /** + * Specifies that authentication to Redis through access keys is disabled. + * + * @return next stage of the Redis cache definition + */ + default WithCreate disableAccessKeyAuthentication() { + throw new UnsupportedOperationException( + "[disableAccessKeyAuthentication] is not supported in " + getClass()); + } + } + /** A Redis Cache definition allowing the sku to be set. */ interface WithSku { /** @@ -250,7 +274,8 @@ interface WithSku { * A Redis Cache definition with sufficient inputs to create a new Redis Cache in the cloud, but exposing * additional optional inputs to specify. */ - interface WithCreate extends Creatable, DefinitionWithTags { + interface WithCreate extends Creatable, DefinitionWithTags, + DefinitionStages.WithAccessKeyAuthentication { /** * Enables non-ssl Redis server port (6379). * @@ -408,6 +433,32 @@ interface WithPremiumSkuCreate extends DefinitionStages.WithCreate { /** Grouping of all the Redis Cache update stages. */ interface UpdateStages { + + /** + * The stage of Redis cache update allowing to toggle authentication through access keys. + */ + interface WithAccessKeyAuthentication { + /** + * Specifies that authentication to Redis through access keys is disabled. + * + * @return next stage of the Redis cache update + */ + default Update disableAccessKeyAuthentication() { + throw new UnsupportedOperationException( + "[disableAccessKeyAuthentication] is not supported in " + getClass()); + } + + /** + * Specifies that authentication to Redis through access keys is enabled. + * + * @return next stage of the Redis cache update + */ + default Update enableAccessKeyAuthentication() { + throw new UnsupportedOperationException( + "[enableAccessKeyAuthentication] is not supported in " + getClass()); + } + } + /** A Redis Cache update stage allowing to change the parameters. */ interface WithSku { @@ -540,7 +591,8 @@ interface WithPublicNetworkAccess { /** The template for a Redis Cache update operation, containing all the settings that can be modified. */ interface Update extends Appliable, Resource.UpdateWithTags, UpdateStages.WithSku, - UpdateStages.WithNonSslPort, UpdateStages.WithRedisConfiguration, UpdateStages.WithPublicNetworkAccess { + UpdateStages.WithNonSslPort, UpdateStages.WithRedisConfiguration, UpdateStages.WithPublicNetworkAccess, + UpdateStages.WithAccessKeyAuthentication { /** * The number of shards to be created on a Premium Cluster Cache. * diff --git a/sdk/redis/azure-resourcemanager-redis/src/test/java/com/azure/resourcemanager/redis/RedisCacheOperationsTests.java b/sdk/redis/azure-resourcemanager-redis/src/test/java/com/azure/resourcemanager/redis/RedisCacheOperationsTests.java index c4b260c5684c..cb3b42432ea5 100644 --- a/sdk/redis/azure-resourcemanager-redis/src/test/java/com/azure/resourcemanager/redis/RedisCacheOperationsTests.java +++ b/sdk/redis/azure-resourcemanager-redis/src/test/java/com/azure/resourcemanager/redis/RedisCacheOperationsTests.java @@ -3,7 +3,6 @@ package com.azure.resourcemanager.redis; -import com.azure.core.management.AzureEnvironment; import com.azure.core.management.Region; import com.azure.core.management.exception.ManagementException; import com.azure.resourcemanager.redis.models.DayOfWeek; @@ -49,22 +48,27 @@ public void canCRUDRedisCache() throws Exception { .define(rrName) .withRegion(Region.ASIA_EAST) .withNewResourceGroup(rgName) - .withBasicSku(); + .withBasicSku() + .withRedisConfiguration("aad-enabled", "true") + .disableAccessKeyAuthentication(); Creatable redisCacheDefinition2 = redisManager.redisCaches() .define(rrNameSecond) .withRegion(Region.US_CENTRAL) .withNewResourceGroup(resourceGroups) .withPremiumSku() .withShardCount(2) - .withPatchSchedule(DayOfWeek.SUNDAY, 10, Duration.ofMinutes(302)); + .withPatchSchedule(DayOfWeek.SUNDAY, 10, Duration.ofMinutes(302)) + .withRedisConfiguration("aad-enabled", "true") + .disableAccessKeyAuthentication(); Creatable redisCacheDefinition3 = redisManager.redisCaches() .define(rrNameThird) .withRegion(Region.US_CENTRAL) .withNewResourceGroup(resourceGroups) .withPremiumSku(2) - .withNonSslPort() .withFirewallRule("rule1", "192.168.0.1", "192.168.0.4") - .withFirewallRule("rule2", "192.168.0.10", "192.168.0.40"); + .withFirewallRule("rule2", "192.168.0.10", "192.168.0.40") + .withRedisConfiguration("aad-enabled", "true") + .disableAccessKeyAuthentication(); // Server throws "The 'minimumTlsVersion' property is not yet supported." exception. Uncomment when fixed. // .withMinimumTlsVersion(TlsVersion.ONE_FULL_STOP_ONE); @@ -221,6 +225,8 @@ public void canRedisVersionUpdate() { .withNewResourceGroup(rgName) .withBasicSku() .withRedisVersion(redisVersion) + .withRedisConfiguration("aad-enabled", "true") + .disableAccessKeyAuthentication() .create(); assertSameVersion(RedisCache.RedisVersion.V4, redisCache.redisVersion()); @@ -250,9 +256,10 @@ public void canCRUDLinkedServers() throws Exception { .withPremiumSku(2) .withPatchSchedule(DayOfWeek.SATURDAY, 5, Duration.ofHours(5)) .withRedisConfiguration("maxclients", "2") - .withNonSslPort() .withFirewallRule("rule1", "192.168.0.1", "192.168.0.4") .withFirewallRule("rule2", "192.168.0.10", "192.168.0.40") + .withRedisConfiguration("aad-enabled", "true") + .disableAccessKeyAuthentication() .create(); RedisCache rggLinked = redisManager.redisCaches() @@ -260,6 +267,8 @@ public void canCRUDLinkedServers() throws Exception { .withRegion(Region.US_EAST) .withExistingResourceGroup(rgNameSecond) .withPremiumSku(2) + .withRedisConfiguration("aad-enabled", "true") + .disableAccessKeyAuthentication() .create(); Assertions.assertNotNull(rgg); @@ -303,11 +312,9 @@ public void canCreateRedisWithRdbAof() { .define(saName) .withRegion(Region.US_WEST3) .withNewResourceGroup(rgName) + .disableSharedKeyAccess() .create(); - String connectionString = ResourceManagerUtils.getStorageConnectionString(saName, - storageAccount.getKeys().get(0).value(), AzureEnvironment.AZURE); - // RDB RedisCache redisCache = redisManager.redisCaches() .define(rrName) @@ -318,7 +325,10 @@ public void canCreateRedisWithRdbAof() { .withRedisConfiguration(new RedisConfiguration().withRdbBackupEnabled("true") .withRdbBackupFrequency("15") .withRdbBackupMaxSnapshotCount("1") - .withRdbStorageConnectionString(connectionString)) + .withRdbStorageConnectionString(storageAccount.endPoints().primary().blob()) + .withPreferredDataPersistenceAuthMethod("managedIdentity") + .withAadEnabled("true")) + .disableAccessKeyAuthentication() .create(); Assertions.assertEquals("true", redisCache.innerModel().redisConfiguration().rdbBackupEnabled()); Assertions.assertEquals("15", redisCache.innerModel().redisConfiguration().rdbBackupFrequency()); @@ -336,13 +346,14 @@ public void canCreateRedisWithRdbAof() { .withPremiumSku() .withMinimumTlsVersion(TlsVersion.ONE_TWO) .withRedisConfiguration("aof-backup-enabled", "true") - .withRedisConfiguration("aof-storage-connection-string-0", connectionString) - .withRedisConfiguration("aof-storage-connection-string-1", connectionString) + .withRedisConfiguration("aof-storage-connection-string-0", storageAccount.endPoints().primary().blob()) + .withRedisConfiguration("preferred-data-persistence-auth-method", "managedIdentity") + .withRedisConfiguration("aad-enabled", "true") + .disableAccessKeyAuthentication() .create(); Assertions.assertEquals("true", redisCache.innerModel().redisConfiguration().aofBackupEnabled()); if (!isPlaybackMode()) { Assertions.assertNotNull(redisCache.innerModel().redisConfiguration().aofStorageConnectionString0()); - Assertions.assertNotNull(redisCache.innerModel().redisConfiguration().aofStorageConnectionString1()); } assertSameVersion(RedisCache.RedisVersion.V6, redisCache.redisVersion()); @@ -371,8 +382,11 @@ public void canUpdatePublicNetworkAccess() { .withRegion(Region.ASIA_EAST) .withNewResourceGroup(rgName) .withBasicSku() + .withRedisConfiguration("aad-enabled", "true") + .disableAccessKeyAuthentication() .create(); + Assertions.assertTrue(!redisCache.isAccessKeyAuthenticationEnabled()); redisCache.update().disablePublicNetworkAccess().apply(); Assertions.assertEquals(PublicNetworkAccess.DISABLED, redisCache.publicNetworkAccess()); diff --git a/sdk/resourcemanager/azure-resourcemanager/CHANGELOG.md b/sdk/resourcemanager/azure-resourcemanager/CHANGELOG.md index 7693a73529b6..286bf5209860 100644 --- a/sdk/resourcemanager/azure-resourcemanager/CHANGELOG.md +++ b/sdk/resourcemanager/azure-resourcemanager/CHANGELOG.md @@ -2,11 +2,11 @@ ## 2.59.0-beta.1 (Unreleased) -### Features Added +### azure-resourcemanager-redis -### Breaking Changes +#### Features Added -### Bugs Fixed +- Supported enabling/disabling authentication through access keys for `RedisCache`. ### Other Changes