Use Redis AVM's secretsExportConfiguration to store secrets in Key …

…Vault (#4719)
Azure · Jan 23, 2025 · e5f983a · e5f983a
1 parent c06a6f8
commit e5f983a
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 45 deletions.
diff --git a/cli/azd/internal/scaffold/scaffold.go b/cli/azd/internal/scaffold/scaffold.go
@@ -69,9 +69,6 @@ func supportingFiles(spec InfraSpec) []string {
 	files := []string{"/abbreviations.json"}
 
 	if len(spec.Services) > 0 {
-		if spec.DbRedis != nil {
-			files = append(files, "/modules/set-redis-conn.bicep")
-		}
 		files = append(files, "/modules/fetch-container-image.bicep")
 	}
 

diff --git a/cli/azd/resources/scaffold/base/modules/set-redis-conn.bicep b/cli/azd/resources/scaffold/base/modules/set-redis-conn.bicep
diff --git a/cli/azd/resources/scaffold/templates/resources.bicept b/cli/azd/resources/scaffold/templates/resources.bicept
@@ -389,28 +389,23 @@ module {{bicepName .Name}} 'br/public:avm/res/app/container-app:0.8.0' = {
 {{- end}}
 
 {{- if .DbRedis}}
-module redis 'br/public:avm/res/cache/redis:0.3.2' = {
+module redis 'br/public:avm/res/cache/redis:0.9.0' = {
   name: 'redisDeployment'
   params: {
     // Required parameters
     name: '${abbrs.cacheRedis}${resourceToken}'
     // Non-required parameters
     location: location
     skuName: 'Basic'
+    {{- if .Services}}
+    secretsExportConfiguration: {
+      keyVaultResourceId: keyVault.outputs.resourceId
+      primaryAccessKeyName: 'REDIS-PASSWORD'
+      primaryConnectionStringName: 'REDIS-URL'
+    }
+    {{- end}}
   }
 }
-
-{{- if .Services}}
-module redisConn './modules/set-redis-conn.bicep' = {
-  name: 'redisConn'
-  params: {
-    name: redis.outputs.name
-    passwordSecretName: 'REDIS-PASSWORD'
-    urlSecretName: 'REDIS-URL'
-    keyVaultName: keyVault.outputs.name
-  }
-}
-{{- end}}
 {{- end}}
 
 {{- if .Services}}