Merge pull request #274619 from flang-msft/fxl---Microsoft-Entra-ID-(AAD)-with-Redis-GA-announcement-ado26147527

Fxl---microsoft entra id (aad) with redis ga announcement ado-26147527

Author: JamesJBarnett

articles/azure-cache-for-redis/cache-azure-active-directory-for-authentication.md

@@ -7,29 +7,26 @@ author: flang-msft
 ms.custom: references_regions
 ms.service: cache
 ms.topic: conceptual
-ms.date: 02/07/2024
+ms.date: 05/09/2024
 ms.author: franlanglois
 
 ---
 
-# Use Microsoft Entra ID (preview) for cache authentication
+# Use Microsoft Entra ID for cache authentication
 
-Azure Cache for Redis offers two methods to authenticate to your cache instance:
-
-- [Access keys](cache-configure.md#access-keys)
-- [Microsoft Entra ID (preview)](cache-configure.md#preview-microsoft-entra-authentication)
+Azure Cache for Redis offers two methods to [authenticate](cache-configure.md#authentication) to your cache instance: Access keys and Microsoft Entra ID
 
 Although access key authentication is simple, it comes with a set of challenges around security and password management. For contrast, in this article, you learn how to use a Microsoft Entra token for cache authentication.
 
-Azure Cache for Redis offers a password-free authentication mechanism by integrating with [Microsoft Entra ID (preview)](/azure/active-directory/fundamentals/active-directory-whatis). This integration also includes [role-based access control](/azure/role-based-access-control/) functionality provided through [access control lists (ACLs)](https://redis.io/docs/management/security/acl/) supported in open source Redis.
+Azure Cache for Redis offers a password-free authentication mechanism by integrating with [Microsoft Entra ID)](/azure/active-directory/fundamentals/active-directory-whatis). This integration also includes [role-based access control](/azure/role-based-access-control/) functionality provided through [access control lists (ACLs)](https://redis.io/docs/management/security/acl/) supported in open source Redis.
 
 To use the ACL integration, your client application must assume the identity of a Microsoft Entra entity, like service principal or managed identity, and connect to your cache. In this article, you learn how to use your service principal or managed identity to connect to your cache, and how to grant your connection predefined permissions based on the Microsoft Entra artifact being used for the connection.
 
 ## Scope of availability
 
 | **Tier**         | Basic, Standard, Premium | Enterprise, Enterprise Flash |
 |:-----------------|:------------------------:|:----------------------------:|
-| **Availability** | Yes (preview)            | No                           |
+| **Availability** | Yes             | No                           |
 
 ## Prerequisites and limitations
 
@@ -47,7 +44,7 @@ To use the ACL integration, your client application must assume the identity of
 
 1. Select **Authentication** from the Resource menu.
 
-1. In the working pane, select **(PREVIEW) Enable Microsoft Entra Authentication**.
+1. In the working pane, select **Enable Microsoft Entra Authentication**.
 
 1. Select **Enable Microsoft Entra Authentication**, and enter the name of a valid user. The user you enter is automatically assigned _Data Owner Access Policy_ by default when you select **Save**. You can also enter a managed identity or service principal to connect to your cache instance.
 
@@ -66,15 +63,15 @@ If you would like to use a custom access policy instead of Redis Data Owner, go
 
 1. In the Azure portal, select the Azure Cache for Redis instance where you'd like to add to the Data Access Configuration.
 
-1. Select **(PREVIEW) Data Access Configuration** from the Resource menu.
+1. Select **Data Access Configuration** from the Resource menu.
 
 1. Select **Add** and choose **New Redis User**.
 
 1. On the **Access Policy** tab, select one the available policies in the table: **Data Owner**, **Data Contributor**, or **Data Reader**. Then, select the **Next:Redis Users**.
 
    :::image type="content" source="media/cache-azure-active-directory-for-authentication/cache-new-redis-user.png" alt-text="Screenshot showing the available Access Policies.":::
 
-1. Choose either the **User or service principal** or **Managed Identity** to determine how to assign access to your Azure Cache for Redis instance. If you select **User or service principal**,and you want to add a _user_, you must first [enable Microsoft Entra Authentication](#enable-microsoft-entra-id-authentication-on-your-cache).
+1. Choose either the **User or service principal** or **Managed Identity** to determine how to assign access to your Azure Cache for Redis instance. If you select **User or service principal**, and you want to add a _user_, you must first [enable Microsoft Entra Authentication](#enable-microsoft-entra-id-authentication-on-your-cache).
 
 1. Then, select **Select members** and select  **Select**. Then, select **Next : Review + Assign**.
    :::image type="content" source="media/cache-azure-active-directory-for-authentication/cache-select-members.png" alt-text="Screenshot showing members to add as New Redis Users.":::
@@ -88,8 +85,6 @@ If you would like to use a custom access policy instead of Redis Data Owner, go
 
 Because most Azure Cache for Redis clients assume that a password and access key are used for authentication, you likely need to update your client workflow to support authentication using Microsoft Entra ID. In this section, you learn how to configure your client applications to connect to Azure Cache for Redis using a Microsoft Entra token.
 
-<!-- :::image type="content" source="media/cache-azure-active-directory-for-authentication/azure-ad-token.png" alt-text="Architecture diagram showing the flow of a token from Microsoft Entra ID to a customer application to a cache."::: -->
-
 ### Microsoft Entra Client Workflow
 
 1. Configure your client application to acquire a Microsoft Entra token for scope, `https://redis.azure.com/.default` or `acca5fbb-b7e4-4009-81f1-37e38fd66d78/.default`, using the [Microsoft Authentication Library (MSAL)](/azure/active-directory/develop/msal-overview).
@@ -134,4 +129,3 @@ The following table includes links to code samples, which demonstrate how to con
 
 - [Configure role-based access control with Data Access Policy](cache-configure-role-based-access-control.md)
 - [Reference pages for identity](/cli/azure/redis/identity)
-

articles/azure-cache-for-redis/cache-configure-role-based-access-control.md

@@ -24,7 +24,7 @@ Azure Cache for Redis offers three built-in access policies: _Owner_, _Contribut
 
 | **Tier**         | Basic, Standard, Premium | Enterprise, Enterprise Flash |
 |:-----------------|:------------------------:|:----------------------------:|
-| **Availability** | Yes (preview)            | No                           |
+| **Availability** | Yes                      | No                           |
 
 ## Prerequisites and limitations
 
@@ -104,7 +104,7 @@ The following list contains some examples of permission strings for various scen
 
 1. In the Azure portal, select the Azure Cache for Redis instance where you want to configure Microsoft Entra token-based authentication.
 
-1. From the Resource menu, select **(PREVIEW) Data Access configuration**.
+1. From the Resource menu, select **Data Access configuration**.
 
    :::image type="content" source="media/cache-configure-role-based-access-control/cache-data-access-configuration.png" alt-text="Screenshot showing Data Access Configuration highlighted in the Resource menu.":::
 
@@ -118,9 +118,9 @@ The following list contains some examples of permission strings for various scen
 
 1. To add a user to the access policy using Microsoft Entra ID, you must first enable Microsoft Entra ID by selecting **Authentication** from the Resource menu.
 
-1. Select **(PREVIEW) Enable Microsoft Entra Authentication** as the tab in the working pane.
+1. Select **Enable Microsoft Entra Authentication** as the tab in the working pane.
 
-1. If not checked already, check the box labeled **(PREVIEW) Enable Microsoft Entra Authentication** and select **OK**. Then, select **Save**.
+1. If not checked already, check the box labeled **Enable Microsoft Entra Authentication** and select **OK**. Then, select **Save**.
 
    :::image type="content" source="media/cache-azure-active-directory-for-authentication/cache-enable-microsoft-entra.png" alt-text="Screenshot of Microsoft Entra ID access authorization.":::
 

articles/azure-cache-for-redis/cache-configure.md

@@ -5,7 +5,7 @@ author: flang-msft
 
 ms.service: cache
 ms.topic: conceptual
-ms.date: 09/29/2023
+ms.date: 05/07/2024
 ms.author: franlanglois 
 ms.custom: engagement-fy23
 ---
@@ -135,8 +135,6 @@ For information on moving resources from one resource group to another, and from
 The **Settings** section allows you to access and configure the following settings for your cache.
 
 - [Authentication](#authentication)
-  - [Access keys](#access-keys)
-  - [(Preview) Microsoft Entra Authentication](#preview-microsoft-entra-authentication)
 - [Advanced settings](#advanced-settings)
 - [Scale](#scale)
 - [Cluster size](#cluster-size)
@@ -153,15 +151,15 @@ The **Settings** section allows you to access and configure the following settin
 
 You have two options for authentication: access keys and Microsoft Entra Authentication.
 
-#### Access keys
+#### [Access keys](#tab/access-keys)
 
 Select **Access keys** to view or regenerate the access keys for your cache. These keys are used by the clients connecting to your cache.
 
 :::image type="content" source="media/cache-configure/redis-cache-manage-keys.png" alt-text="Screenshot showing Authentication selected in the Resource menu and access Keys in the working pane.":::
 
-#### (Preview) Microsoft Entra Authentication
+#### [Microsoft Entra Authentication](#tab/entra)
 
-Select **(Preview) Microsoft Entra Authentication** to  a password-free authentication mechanism by integrating with Microsoft Entra ID. This integration also includes role-based access control functionality provided through access control lists (ACLs) supported in open source Redis.
+Select **Microsoft Entra Authentication** to  a password-free authentication mechanism by integrating with Microsoft Entra ID. This integration also includes role-based access control functionality provided through access control lists (ACLs) supported in open source Redis.
 
 :::image type="content" source="media/cache-configure/cache-microsoft-entra.png" alt-text="Screenshot showing Authentication selected in the Resource menu and Microsoft Entra ID in the working pane.":::
 

articles/azure-cache-for-redis/cache-how-to-monitor.md

@@ -5,7 +5,7 @@ author: flang-msft
 ms.author: franlanglois
 ms.service: cache
 ms.topic: conceptual
-ms.date: 02/29/2024
+ms.date: 05/07/2024
 
 ---
 # How to monitor Azure Cache for Redis

articles/azure-cache-for-redis/cache-tutorial-functions-getting-started.md

@@ -101,7 +101,7 @@ dotnet add package Microsoft.Azure.Functions.Worker.Extensions.Redis --prereleas
 
    :::image type="content" source="media/cache-tutorial-functions-getting-started/cache-keyspace-notifications.png" alt-text="Screenshot of advanced settings for Azure Cache for Redis in the portal.":::
 
-1. Select **Access keys** from the resource menu, and then write down or copy the contents of the **Primary connection string** box. This string is used to connect to the cache.
+1. Locate **Access keys** on the Resource menu, and then write down or copy the contents of the **Primary connection string** box. This string is used to connect to the cache.
 
    :::image type="content" source="media/cache-tutorial-functions-getting-started/cache-access-keys.png" alt-text="Screenshot that shows the primary connection string for an access key.":::
 

articles/azure-cache-for-redis/cache-tutorial-write-behind.md

@@ -198,7 +198,7 @@ You need to update the _local.settings.json_ file to include the connection stri
 }
 ```
 
-To find the Redis connection string, go to the resource menu in the Azure Cache for Redis resource. The string is in the **Access Keys** area of **Settings**.
+To find the Redis connection string, go to the resource menu in the Azure Cache for Redis resource. Locate the string is in the **Access Keys** area on the Resource menu.
 
 To find the SQL database connection string, go to the resource menu in the SQL database resource. Under **Settings**, select **Connection strings**, and then select the **ADO.NET** tab.
 The string is in the **ADO.NET (SQL authentication)** area.

articles/azure-cache-for-redis/includes/media/redis-cache-create/cache-redis-version.png

@@ -5,7 +5,7 @@ services: redis-cache
 author: flang-msft
 ms.service: cache
 ms.topic: "include"
-ms.date: 02/13/2024
+ms.date: 05/07/2024
 ms.author: franlanglois
 ms.custom: "include file"
 ---
@@ -14,19 +14,20 @@ ms.custom: "include file"
 
     :::image type="content" source="media/redis-cache-create/create-resource.png" alt-text="Create a resource is highlighted in the left navigation pane.":::
 
-1. On the **New** page, select **Databases** and then select **Azure Cache for Redis**.
+1. On the **Get Started** page, type _Azure Cache for Redis_ in the search box. Then, select **Create**.
 
-    :::image type="content" source="media/redis-cache-create/select-cache.png" alt-text="On New, Databases is highlighted, and Azure Cache for Redis is highlighted.":::
+    :::image type="content" source="media/redis-cache-create/select-cache.png" alt-text="Screenshot of the Azure Marketplace with Azure Cache for Redis in the search box and create is highlighted with a red box.":::
 
-1. On the **New Redis Cache** page, configure the settings for your new cache.
+1. On the **New Redis Cache** page, configure the settings for your cache.
 
    | Setting      | Choose a value  | Description |
    | ------------ |  ------- | -------------------------------------------------- |
    | **Subscription** | Drop down and select your subscription. | The subscription under which to create this new Azure Cache for Redis instance. |
    | **Resource group** | Drop down and select a resource group, or select **Create new** and enter a new resource group name. | Name for the resource group in which to create your cache and other resources. By putting all your app resources in one resource group, you can easily manage or delete them together. |
    | **DNS name** | Enter a unique name. | The cache name must be a string between 1 and 63 characters that contain only numbers, letters, or hyphens. The name must start and end with a number or letter, and can't contain consecutive hyphens. Your cache instance's *host name* is *\<DNS name>.redis.cache.windows.net*. |
    | **Location** | Drop down and select a location. | Select a [region](https://azure.microsoft.com/regions/) near other services that use your cache. |
-   | **Cache type** | Drop down and select a [tier](https://azure.microsoft.com/pricing/details/cache/). |  The tier determines the size, performance, and features that are available for the cache. For more information, see [Azure Cache for Redis Overview](../cache-overview.md). |
+   | **Cache SKU** | Drop down and select a [**SKU**](https://azure.microsoft.com/pricing/details/cache/). |  The SKU determines the size, performance, and features parameters that are available for the cache. For more information, see [Azure Cache for Redis Overview](../cache-overview.md). |
+   | **Cache size** | Drop down and select a size of your cache |  For more information, see [Azure Cache for Redis Overview](../cache-overview.md). |
 
 1. Select the **Networking** tab or select the **Networking** button at the bottom of the page.