Azure · v-huizhu2 · Jan 7, 2026 · Dec 12, 2025 · Dec 15, 2025 · Dec 17, 2025
@@ -4,6 +4,8 @@
 
 ### Features Added
 
+- Supported enabling/disabling authentication through access keys for `RedisCache`.
+
 ### Breaking Changes
 
 ### Bugs Fixed

@@ -2,5 +2,5 @@
   "AssetsRepo": "Azure/azure-sdk-assets",
   "AssetsRepoPrefixPath": "java",
   "TagPrefix": "java/redis/azure-resourcemanager-redis",
-  "Tag": "java/redis/azure-resourcemanager-redis_87b73bc96e"
+  "Tag": "java/redis/azure-resourcemanager-redis_4829c91ebd"
 }
@@ -380,6 +380,11 @@ public RedisCacheImpl withStaticIp(String staticIp) {
         return this;
     }
 
+    @Override
+    public boolean isAccessKeyAuthenticationEnabled() {
+        return !ResourceManagerUtils.toPrimitiveBoolean(this.innerModel().disableAccessKeyAuthentication());
+    }
+
     @Override
     public RedisCacheImpl withBasicSku() {
         if (isInCreateMode()) {
@@ -742,6 +747,26 @@ public RedisCacheImpl disablePublicNetworkAccess() {
         return this;
     }
 
+    @Override
+    public RedisCacheImpl disableAccessKeyAuthentication() {
+        if (isInCreateMode()) {
+            createParameters.withDisableAccessKeyAuthentication(true);
+        } else {
+            updateParameters.withDisableAccessKeyAuthentication(true);
+        }
+        return this;
+    }
+
+    @Override
+    public RedisCacheImpl enableAccessKeyAuthentication() {
+        if (isInCreateMode()) {
+            createParameters.withDisableAccessKeyAuthentication(false);
+        } else {
+            updateParameters.withDisableAccessKeyAuthentication(false);
+        }
+        return this;
+    }
+
     private static final class PrivateLinkResourceImpl implements PrivateLinkResource {
         private final PrivateLinkResourceInner innerModel;
 

@@ -181,6 +181,15 @@ public interface RedisCache extends GroupableResource<RedisManager, RedisResourc
      * Fluent interfaces to provision a RedisCache
      **************************************************************/
 
+    /**
+     * Whether authentication to Redis through access keys is enabled.
+     *
+     * @return whether authentication to Redis through access keys is enabled
+     */
+    default boolean isAccessKeyAuthenticationEnabled() {
+        throw new UnsupportedOperationException("[isAccessKeyAuthenticationEnabled] is not supported in " + getClass());
+    }
+
     /** Container interface for all the definitions that need to be implemented. */
     interface Definition extends DefinitionStages.Blank, DefinitionStages.WithGroup, DefinitionStages.WithSku,
         DefinitionStages.WithCreate, DefinitionStages.WithPremiumSkuCreate {
@@ -196,6 +205,21 @@ interface Blank extends DefinitionWithRegion<WithGroup> {
         interface WithGroup extends GroupableResource.DefinitionStages.WithGroup<WithSku> {
         }
 
+        /**
+         * The stage of Redis cache definition allowing to toggle authentication through access keys.
+         */
+        interface WithAccessKeyAuthentication {
+            /**
+             * Specifies that authentication to Redis through access keys is disabled.
+             *
+             * @return next stage of the Redis cache definition
+             */
+            default WithCreate disableAccessKeyAuthentication() {
+                throw new UnsupportedOperationException(
+                    "[disableAccessKeyAuthentication] is not supported in " + getClass());
+            }
+        }
+
         /** A Redis Cache definition allowing the sku to be set. */
         interface WithSku {
             /**
@@ -250,7 +274,8 @@ interface WithSku {
          * A Redis Cache definition with sufficient inputs to create a new Redis Cache in the cloud, but exposing
          * additional optional inputs to specify.
          */
-        interface WithCreate extends Creatable<RedisCache>, DefinitionWithTags<WithCreate> {
+        interface WithCreate extends Creatable<RedisCache>, DefinitionWithTags<WithCreate>,
+            DefinitionStages.WithAccessKeyAuthentication {
             /**
              * Enables non-ssl Redis server port (6379).
              *
@@ -408,6 +433,32 @@ interface WithPremiumSkuCreate extends DefinitionStages.WithCreate {
 
     /** Grouping of all the Redis Cache update stages. */
     interface UpdateStages {
+
+        /**
+         * The stage of Redis cache update allowing to toggle authentication through access keys.
+         */
+        interface WithAccessKeyAuthentication {
+            /**
+             * Specifies that authentication to Redis through access keys is disabled.
+             *
+             * @return next stage of the Redis cache update
+             */
+            default Update disableAccessKeyAuthentication() {
+                throw new UnsupportedOperationException(
+                    "[disableAccessKeyAuthentication] is not supported in " + getClass());
+            }
+
+            /**
+             * Specifies that authentication to Redis through access keys is enabled.
+             *
+             * @return next stage of the Redis cache update
+             */
+            default Update enableAccessKeyAuthentication() {
+                throw new UnsupportedOperationException(
+                    "[enableAccessKeyAuthentication] is not supported in " + getClass());
+            }
+        }
+
         /** A Redis Cache update stage allowing to change the parameters. */
         interface WithSku {
 
@@ -540,7 +591,8 @@ interface WithPublicNetworkAccess {
 
     /** The template for a Redis Cache update operation, containing all the settings that can be modified. */
     interface Update extends Appliable<RedisCache>, Resource.UpdateWithTags<Update>, UpdateStages.WithSku,
-        UpdateStages.WithNonSslPort, UpdateStages.WithRedisConfiguration, UpdateStages.WithPublicNetworkAccess {
+        UpdateStages.WithNonSslPort, UpdateStages.WithRedisConfiguration, UpdateStages.WithPublicNetworkAccess,
+        UpdateStages.WithAccessKeyAuthentication {
         /**
          * The number of shards to be created on a Premium Cluster Cache.
          *

@@ -3,7 +3,6 @@
 
 package com.azure.resourcemanager.redis;
 
-import com.azure.core.management.AzureEnvironment;
 import com.azure.core.management.Region;
 import com.azure.core.management.exception.ManagementException;
 import com.azure.resourcemanager.redis.models.DayOfWeek;
@@ -49,22 +48,27 @@ public void canCRUDRedisCache() throws Exception {
             .define(rrName)
             .withRegion(Region.ASIA_EAST)
             .withNewResourceGroup(rgName)
-            .withBasicSku();
+            .withBasicSku()
+            .withRedisConfiguration("aad-enabled", "true")
+            .disableAccessKeyAuthentication();
         Creatable<RedisCache> redisCacheDefinition2 = redisManager.redisCaches()
             .define(rrNameSecond)
             .withRegion(Region.US_CENTRAL)
             .withNewResourceGroup(resourceGroups)
             .withPremiumSku()
             .withShardCount(2)
-            .withPatchSchedule(DayOfWeek.SUNDAY, 10, Duration.ofMinutes(302));
+            .withPatchSchedule(DayOfWeek.SUNDAY, 10, Duration.ofMinutes(302))
+            .withRedisConfiguration("aad-enabled", "true")
+            .disableAccessKeyAuthentication();
         Creatable<RedisCache> redisCacheDefinition3 = redisManager.redisCaches()
             .define(rrNameThird)
             .withRegion(Region.US_CENTRAL)
             .withNewResourceGroup(resourceGroups)
             .withPremiumSku(2)
-            .withNonSslPort()
             .withFirewallRule("rule1", "192.168.0.1", "192.168.0.4")
-            .withFirewallRule("rule2", "192.168.0.10", "192.168.0.40");
+            .withFirewallRule("rule2", "192.168.0.10", "192.168.0.40")
+            .withRedisConfiguration("aad-enabled", "true")
+            .disableAccessKeyAuthentication();
         // Server throws "The 'minimumTlsVersion' property is not yet supported." exception. Uncomment when fixed.
         // .withMinimumTlsVersion(TlsVersion.ONE_FULL_STOP_ONE);
 
@@ -221,6 +225,8 @@ public void canRedisVersionUpdate() {
             .withNewResourceGroup(rgName)
             .withBasicSku()
             .withRedisVersion(redisVersion)
+            .withRedisConfiguration("aad-enabled", "true")
+            .disableAccessKeyAuthentication()
             .create();
 
         assertSameVersion(RedisCache.RedisVersion.V4, redisCache.redisVersion());
@@ -250,16 +256,19 @@ public void canCRUDLinkedServers() throws Exception {
             .withPremiumSku(2)
             .withPatchSchedule(DayOfWeek.SATURDAY, 5, Duration.ofHours(5))
             .withRedisConfiguration("maxclients", "2")
-            .withNonSslPort()
             .withFirewallRule("rule1", "192.168.0.1", "192.168.0.4")
             .withFirewallRule("rule2", "192.168.0.10", "192.168.0.40")
+            .withRedisConfiguration("aad-enabled", "true")
+            .disableAccessKeyAuthentication()
             .create();
 
         RedisCache rggLinked = redisManager.redisCaches()
             .define(rrNameSecond)
             .withRegion(Region.US_EAST)
             .withExistingResourceGroup(rgNameSecond)
             .withPremiumSku(2)
+            .withRedisConfiguration("aad-enabled", "true")
+            .disableAccessKeyAuthentication()
             .create();
 
         Assertions.assertNotNull(rgg);
@@ -303,11 +312,9 @@ public void canCreateRedisWithRdbAof() {
             .define(saName)
             .withRegion(Region.US_WEST3)
             .withNewResourceGroup(rgName)
+            .disableSharedKeyAccess()
             .create();
 
-        String connectionString = ResourceManagerUtils.getStorageConnectionString(saName,
-            storageAccount.getKeys().get(0).value(), AzureEnvironment.AZURE);
-
         // RDB
         RedisCache redisCache = redisManager.redisCaches()
             .define(rrName)
@@ -318,7 +325,10 @@ public void canCreateRedisWithRdbAof() {
             .withRedisConfiguration(new RedisConfiguration().withRdbBackupEnabled("true")
                 .withRdbBackupFrequency("15")
                 .withRdbBackupMaxSnapshotCount("1")
-                .withRdbStorageConnectionString(connectionString))
+                .withRdbStorageConnectionString(storageAccount.endPoints().primary().blob())
+                .withPreferredDataPersistenceAuthMethod("managedIdentity")
+                .withAadEnabled("true"))
+            .disableAccessKeyAuthentication()
             .create();
         Assertions.assertEquals("true", redisCache.innerModel().redisConfiguration().rdbBackupEnabled());
         Assertions.assertEquals("15", redisCache.innerModel().redisConfiguration().rdbBackupFrequency());
@@ -336,13 +346,14 @@ public void canCreateRedisWithRdbAof() {
             .withPremiumSku()
             .withMinimumTlsVersion(TlsVersion.ONE_TWO)
             .withRedisConfiguration("aof-backup-enabled", "true")
-            .withRedisConfiguration("aof-storage-connection-string-0", connectionString)
-            .withRedisConfiguration("aof-storage-connection-string-1", connectionString)
+            .withRedisConfiguration("aof-storage-connection-string-0", storageAccount.endPoints().primary().blob())
+            .withRedisConfiguration("preferred-data-persistence-auth-method", "managedIdentity")
+            .withRedisConfiguration("aad-enabled", "true")
+            .disableAccessKeyAuthentication()
             .create();
         Assertions.assertEquals("true", redisCache.innerModel().redisConfiguration().aofBackupEnabled());
         if (!isPlaybackMode()) {
             Assertions.assertNotNull(redisCache.innerModel().redisConfiguration().aofStorageConnectionString0());
-            Assertions.assertNotNull(redisCache.innerModel().redisConfiguration().aofStorageConnectionString1());
         }
 
         assertSameVersion(RedisCache.RedisVersion.V6, redisCache.redisVersion());
@@ -371,8 +382,11 @@ public void canUpdatePublicNetworkAccess() {
             .withRegion(Region.ASIA_EAST)
             .withNewResourceGroup(rgName)
             .withBasicSku()
+            .withRedisConfiguration("aad-enabled", "true")
+            .disableAccessKeyAuthentication()
             .create();
 
+        Assertions.assertTrue(!redisCache.isAccessKeyAuthenticationEnabled());
         redisCache.update().disablePublicNetworkAccess().apply();
         Assertions.assertEquals(PublicNetworkAccess.DISABLED, redisCache.publicNetworkAccess());
 

@@ -2,11 +2,11 @@
 
 ## 2.59.0-beta.1 (Unreleased)
 
-### Features Added
+### azure-resourcemanager-redis
 
-### Breaking Changes
+#### Features Added
 
-### Bugs Fixed
+- Supported enabling/disabling authentication through access keys for `RedisCache`.
 
 ### Other Changes