From ce5d199baf6168542b9534d8103b25cc6a9688a8 Mon Sep 17 00:00:00 2001
From: Hannah Hunter <hannahhunter@microsoft.com>
Date: Mon, 8 Jul 2024 15:21:02 -0400
Subject: [PATCH 1/3] initial add to Redis component

Signed-off-by: Hannah Hunter <hannahhunter@microsoft.com>
---
 .../supported-bindings/redis.md               | 27 +++++++++++++++++--
 1 file changed, 25 insertions(+), 2 deletions(-)

diff --git a/daprdocs/content/en/reference/components-reference/supported-bindings/redis.md b/daprdocs/content/en/reference/components-reference/supported-bindings/redis.md
index e147d101c..bb060d175 100644
--- a/daprdocs/content/en/reference/components-reference/supported-bindings/redis.md
+++ b/daprdocs/content/en/reference/components-reference/supported-bindings/redis.md
@@ -24,6 +24,8 @@ spec:
     value: "<address>:6379"
   - name: redisPassword
     value: "**************"
+  - name: useEntraID
+    value: "true"
   - name: enableTLS
     value: "<bool>"
 ```
@@ -39,6 +41,7 @@ The above example uses secrets as plain strings. It is recommended to use a secr
 | `redisHost` | Y | Output |  The Redis host address | `"localhost:6379"` |
 | `redisPassword` | Y | Output | The Redis password | `"password"` |
 | `redisUsername` | N | Output | Username for Redis host. Defaults to empty. Make sure your redis server version is 6 or above, and have created acl rule correctly. | `"username"` |
+| `useEntraID` | N | Output | Implements EntraID support for Azure Cache for Redis. Before enabling this: <ul><li>The `redisHost` name must be specified in the form of `"server:port"`</li><li>TLS must be enabled</li></ul> Learn more about this setting under [Create a Redis instance > Azure Cache for Redis]({{< ref "#create-a-redis-instance" >}}) | `"true"`, `"false"` |
 | `enableTLS` | N | Output |  If the Redis instance supports TLS with public certificates it can be configured to enable or disable TLS. Defaults to `"false"` | `"true"`, `"false"` |
 | `failover`           | N | Output         | Property to enabled failover configuration. Needs sentinalMasterName to be set. Defaults to `"false"` | `"true"`, `"false"`
 | `sentinelMasterName` | N | Output         | The sentinel master name. See [Redis Sentinel Documentation](https://redis.io/docs/reference/sentinel-clients/) | `""`,  `"127.0.0.1:6379"`
@@ -160,7 +163,7 @@ Dapr can use any Redis instance - containerized, running on your local dev machi
 
 *Note: Dapr does not support Redis >= 7. It is recommended to use Redis 6*
 
-{{< tabs "Self-Hosted" "Kubernetes" "AWS" "GCP" "Azure">}}
+{{< tabs "Self-Hosted" "Kubernetes" "AWS" "GCP" "Azure Cache for Redis">}}
 
 {{% codetab %}}
 The Dapr CLI will automatically create and setup a Redis Streams instance for you.
@@ -207,7 +210,27 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
 {{% /codetab %}}
 
 {{% codetab %}}
-[Azure Redis](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
+[Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
+
+In your Redis component, you can implement EntraID support for Azure Cache for Redis with the following metadata settings:
+
+```yml
+metadata:
+  - name: redisHost
+    value: MYHOSTNAME.redis.cache.windows.net:6380
+  - name: useEntraID
+    value: "true"
+  - name: enableTLS
+    value: "true"
+```
+
+In order to use EntraID:
+
+- The `redisHost` name must be specified in the form of `"server:port"`
+- TLS must be enabled
+
+`useEntraID` assumes that either your UserPrincipal (via AzureCLICredential) or the SystemAssigned managed identity have the RedisDataOwner role permission. If a user-assigned identity is used, [you need to specify the `azureClientID` property]({{< ref "howto-mi.md#set-up-identities-in-your-component" >}}).
+
 {{% /codetab %}}
 
 {{< /tabs >}}

From 43ed77e8c82fb0498f69f5022cb8bc1dba390b81 Mon Sep 17 00:00:00 2001
From: Hannah Hunter <hannahhunter@microsoft.com>
Date: Mon, 8 Jul 2024 16:13:04 -0400
Subject: [PATCH 2/3] rest of entraid updates

Signed-off-by: Hannah Hunter <hannahhunter@microsoft.com>
---
 .../supported-bindings/redis.md               | 35 ++++----
 .../redis-configuration-store.md              | 82 +++++++++++--------
 .../supported-locks/redis-lock.md             | 40 +++++----
 .../supported-pubsub/setup-redis-pubsub.md    | 32 +++++++-
 .../supported-state-stores/setup-redis.md     | 34 +++++---
 5 files changed, 146 insertions(+), 77 deletions(-)

diff --git a/daprdocs/content/en/reference/components-reference/supported-bindings/redis.md b/daprdocs/content/en/reference/components-reference/supported-bindings/redis.md
index bb060d175..38dd54e54 100644
--- a/daprdocs/content/en/reference/components-reference/supported-bindings/redis.md
+++ b/daprdocs/content/en/reference/components-reference/supported-bindings/redis.md
@@ -210,26 +210,31 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
 {{% /codetab %}}
 
 {{% codetab %}}
-[Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
+1. [Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
 
-In your Redis component, you can implement EntraID support for Azure Cache for Redis with the following metadata settings:
+1. Once your instance is created, grab the Host name (FQDN) and your access key from the Azure portal. 
+   - For the Host name: 
+     - Navigate to the resource's **Overview** page.
+     - Copy the **Host name** value.
+   - For your access key: 
+     - Navigate to **Settings** > **Access Keys**. 
+     - Copy and save your key.
 
-```yml
-metadata:
-  - name: redisHost
-    value: MYHOSTNAME.redis.cache.windows.net:6380
-  - name: useEntraID
-    value: "true"
-  - name: enableTLS
-    value: "true"
-```
+1. Add your key and your host name to a `redis.yaml` file that Dapr can apply to your cluster. 
+   - If you're running a sample, add the host and key to the provided `redis.yaml`. 
+   - If you're creating a project from the ground up, create a `redis.yaml` file as specified in [the Component format section](#component-format). 
+   
+1. Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier. 
+   
+   **Note:** In a production-grade application, follow [secret management]({{< ref component-secrets.md >}}) instructions to securely manage your secrets.
 
-In order to use EntraID:
+1. Enable EntraID support:
+   - Enable Entra ID authentication on your Azure Redis server. This may takes a few minutes.
+   - Set `useEntraID` to `"true"` to implement EntraID support for Azure Cache for Redis.
 
-- The `redisHost` name must be specified in the form of `"server:port"`
-- TLS must be enabled
+1. Set `enableTLS` to `"true"` to support TLS. 
 
-`useEntraID` assumes that either your UserPrincipal (via AzureCLICredential) or the SystemAssigned managed identity have the RedisDataOwner role permission. If a user-assigned identity is used, [you need to specify the `azureClientID` property]({{< ref "howto-mi.md#set-up-identities-in-your-component" >}}).
+> **Note:**`useEntraID` assumes that either your UserPrincipal (via AzureCLICredential) or the SystemAssigned managed identity have the RedisDataOwner role permission. If a user-assigned identity is used, [you need to specify the `azureClientID` property]({{< ref "howto-mi.md#set-up-identities-in-your-component" >}}).
 
 {{% /codetab %}}
 
diff --git a/daprdocs/content/en/reference/components-reference/supported-configuration-stores/redis-configuration-store.md b/daprdocs/content/en/reference/components-reference/supported-configuration-stores/redis-configuration-store.md
index 205cc98ad..09667f1cf 100644
--- a/daprdocs/content/en/reference/components-reference/supported-configuration-stores/redis-configuration-store.md
+++ b/daprdocs/content/en/reference/components-reference/supported-configuration-stores/redis-configuration-store.md
@@ -24,9 +24,10 @@ spec:
     value: <address>:6379
   - name: redisPassword
     value: **************
+  - name: useEntraID
+    value: "true"
   - name: enableTLS
     value: <bool>
-
 ```
 
 {{% alert title="Warning" color="warning" %}}
@@ -38,32 +39,33 @@ The above example uses secrets as plain strings. It is recommended to use a secr
 
 | Field              | Required | Details | Example |
 |--------------------|:--------:|---------|---------|
-| redisHost | Y | Output |  The Redis host address | `"localhost:6379"` |
-| redisPassword | Y | Output | The Redis password | `"password"` |
-| redisUsername | N | Output | Username for Redis host. Defaults to empty. Make sure your Redis server version is 6 or above, and have created acl rule correctly. | `"username"` |
-| enableTLS | N | Output |  If the Redis instance supports TLS with public certificates it can be configured to enable or disable TLS. Defaults to `"false"` | `"true"`, `"false"` |
-| failover           | N | Output         | Property to enabled failover configuration. Needs sentinelMasterName to be set. Defaults to `"false"` | `"true"`, `"false"`
-| sentinelMasterName | N | Output         | The Sentinel master name. See [Redis Sentinel Documentation](https://redis.io/docs/reference/sentinel-clients/) | `""`,  `"127.0.0.1:6379"`
-| redisType        | N | Output        | The type of Redis. There are two valid values, one is `"node"` for single node mode, the other is `"cluster"` for Redis cluster mode. Defaults to `"node"`. | `"cluster"`
-| redisDB        | N | Output        | Database selected after connecting to Redis. If `"redisType"` is `"cluster"`, this option is ignored. Defaults to `"0"`. | `"0"`
-| redisMaxRetries        | N | Output        | Maximum number of times to retry commands before giving up. Default is to not retry failed commands.  | `"5"`
-| redisMinRetryInterval        | N | Output        | Minimum backoff for Redis commands between each retry. Default is `"8ms"`;  `"-1"` disables backoff. | `"8ms"`
-| redisMaxRetryInterval        | N | Output        | Maximum backoff for Redis commands between each retry. Default is `"512ms"`;`"-1"` disables backoff. | `"5s"`
-| dialTimeout        | N | Output        | Dial timeout for establishing new connections. Defaults to `"5s"`.  | `"5s"`
-| readTimeout        | N | Output        | Timeout for socket reads. If reached, Redis commands fail with a timeout instead of blocking. Defaults to `"3s"`, `"-1"` for no timeout. | `"3s"`
-| writeTimeout        | N | Output        | Timeout for socket writes. If reached, Redis commands fail with a timeout instead of blocking. Defaults is readTimeout. | `"3s"`
-| poolSize        | N | Output        | Maximum number of socket connections. Default is 10 connections per every CPU as reported by runtime.NumCPU. | `"20"`
-| poolTimeout        | N | Output        | Amount of time client waits for a connection if all connections are busy before returning an error. Default is readTimeout + 1 second. | `"5s"`
-| maxConnAge        | N | Output        | Connection age at which the client retires (closes) the connection. Default is to not close aged connections. | `"30m"`
-| minIdleConns        | N | Output        | Minimum number of idle connections to keep open in order to avoid the performance degradation associated with creating new connections. Defaults to `"0"`. | `"2"`
-| idleCheckFrequency        | N | Output        | Frequency of idle checks made by idle connections reaper. Default is `"1m"`. `"-1"` disables idle connections reaper. | `"-1"`
-| idleTimeout        | N | Output        | Amount of time after which the client closes idle connections. Should be less than server's timeout. Default is `"5m"`. `"-1"` disables idle timeout check. | `"10m"`
+| redisHost | Y | The Redis host address | `"localhost:6379"` |
+| redisPassword | Y | The Redis password | `"password"` |
+| redisUsername | N | Username for Redis host. Defaults to empty. Make sure your Redis server version is 6 or above, and have created acl rule correctly. | `"username"` |
+| useEntraID | N | Implements EntraID support for Azure Cache for Redis. Before enabling this: <ul><li>The `redisHost` name must be specified in the form of `"server:port"`</li><li>TLS must be enabled</li></ul> Learn more about this setting under [Create a Redis instance > Azure Cache for Redis]({{< ref "#setup-redis" >}}) | `"true"`, `"false"` |
+| enableTLS | N | If the Redis instance supports TLS with public certificates it can be configured to enable or disable TLS. Defaults to `"false"` | `"true"`, `"false"` |
+| failover           | N | Property to enabled failover configuration. Needs sentinelMasterName to be set. Defaults to `"false"` | `"true"`, `"false"`
+| sentinelMasterName | N | The Sentinel master name. See [Redis Sentinel Documentation](https://redis.io/docs/reference/sentinel-clients/) | `""`,  `"127.0.0.1:6379"`
+| redisType        | N | The type of Redis. There are two valid values, one is `"node"` for single node mode, the other is `"cluster"` for Redis cluster mode. Defaults to `"node"`. | `"cluster"`
+| redisDB        | N | Database selected after connecting to Redis. If `"redisType"` is `"cluster"`, this option is ignored. Defaults to `"0"`. | `"0"`
+| redisMaxRetries        | N | Maximum number of times to retry commands before giving up. Default is to not retry failed commands.  | `"5"`
+| redisMinRetryInterval        | N | Minimum backoff for Redis commands between each retry. Default is `"8ms"`;  `"-1"` disables backoff. | `"8ms"`
+| redisMaxRetryInterval        | N | Maximum backoff for Redis commands between each retry. Default is `"512ms"`;`"-1"` disables backoff. | `"5s"`
+| dialTimeout        | N | Dial timeout for establishing new connections. Defaults to `"5s"`.  | `"5s"`
+| readTimeout        | N | Timeout for socket reads. If reached, Redis commands fail with a timeout instead of blocking. Defaults to `"3s"`, `"-1"` for no timeout. | `"3s"`
+| writeTimeout        | N | Timeout for socket writes. If reached, Redis commands fail with a timeout instead of blocking. Defaults is readTimeout. | `"3s"`
+| poolSize        | N | Maximum number of socket connections. Default is 10 connections per every CPU as reported by runtime.NumCPU. | `"20"`
+| poolTimeout        | N | Amount of time client waits for a connection if all connections are busy before returning an error. Default is readTimeout + 1 second. | `"5s"`
+| maxConnAge        | N | Connection age at which the client retires (closes) the connection. Default is to not close aged connections. | `"30m"`
+| minIdleConns        | N | Minimum number of idle connections to keep open in order to avoid the performance degradation associated with creating new connections. Defaults to `"0"`. | `"2"`
+| idleCheckFrequency        | N | Frequency of idle checks made by idle connections reaper. Default is `"1m"`. `"-1"` disables idle connections reaper. | `"-1"`
+| idleTimeout        | N | Amount of time after which the client closes idle connections. Should be less than server's timeout. Default is `"5m"`. `"-1"` disables idle timeout check. | `"10m"`
 
 ## Setup Redis
 
 Dapr can use any Redis instance: containerized, running on your local dev machine, or a managed cloud service.
 
-{{< tabs "Self-Hosted" "Kubernetes" "Azure" "AWS" "GCP" >}}
+{{< tabs "Self-Hosted" "Kubernetes" "Azure Cache for Redis" "AWS" "GCP" >}}
 
 {{% codetab %}}
 A Redis instance is automatically created as a Docker container when you run `dapr init`
@@ -79,7 +81,7 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
     ```
 
 2. Run `kubectl get pods` to see the Redis containers now running in your cluster.
-3. Add `redis-master:6379` as the `redisHost` in your [redis.yaml](#configuration) file. For example:
+3. Add `redis-master:6379` as the `redisHost` in your [redis.yaml](#component-format) file. For example:
     ```yaml
         metadata:
         - name: redisHost
@@ -90,7 +92,7 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
 
     - **Linux/MacOS**: Run `kubectl get secret --namespace default redis -o jsonpath="{.data.redis-password}" | base64 --decode` and copy the outputted password.
 
-    Add this password as the `redisPassword` value in your [redis.yaml](#configuration) file. For example:
+    Add this password as the `redisPassword` value in your [redis.yaml](#component-format) file. For example:
     ```yaml
         metadata:
         - name: redisPassword
@@ -99,23 +101,33 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
 {{% /codetab %}}
 
 {{% codetab %}}
-**Note**: this approach requires having an Azure Subscription.
 
-1. [Start the Azure Cache for Redis creation flow](https://ms.portal.azure.com/#create/Microsoft.Cache). Log in if necessary.
-2. Fill out necessary information and **check the "Unblock port 6379" box**, which will allow us to persist state without SSL.
-3. Click "Create" to kickoff deployment of your Redis instance.
-4. Once your instance is created, you'll need to grab the Host name (FQDN) and your access key:
-   - For the Host name: navigate to the resource's "Overview" and copy "Host name".
-   - For your access key: navigate to "Settings" > "Access Keys" to copy and save your key.
-5. Add your key and your host to a `redis.yaml` file that Dapr can apply to your cluster. 
+1. [Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
+
+1. Once your instance is created, grab the Host name (FQDN) and your access key from the Azure portal. 
+   - For the Host name: 
+     - Navigate to the resource's **Overview** page.
+     - Copy the **Host name** value.
+   - For your access key: 
+     - Navigate to **Settings** > **Access Keys**. 
+     - Copy and save your key.
+
+1. Add your key and your host name to a `redis.yaml` file that Dapr can apply to your cluster. 
    - If you're running a sample, add the host and key to the provided `redis.yaml`. 
-   - If you're creating a project from the ground up, create a `redis.yaml` file as specified in [Configuration](#configuration). 
+   - If you're creating a project from the ground up, create a `redis.yaml` file as specified in [the Component format section](#component-format). 
    
-   Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier. 
+1. Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier. 
    
    **Note:** In a production-grade application, follow [secret management]({{< ref component-secrets.md >}}) instructions to securely manage your secrets.
 
-> **NOTE:** Dapr pub/sub uses [Redis Streams](https://redis.io/topics/streams-intro) that was introduced by Redis 5.0, which isn't currently available on Azure Managed Redis Cache. Consequently, you can use Azure Managed Redis Cache only for state persistence.
+1. Enable EntraID support:
+   - Enable Entra ID authentication on your Azure Redis server. This may takes a few minutes.
+   - Set `useEntraID` to `"true"` to implement EntraID support for Azure Cache for Redis.
+
+1. Set `enableTLS` to `"true"` to support TLS. 
+
+> **Note:**`useEntraID` assumes that either your UserPrincipal (via AzureCLICredential) or the SystemAssigned managed identity have the RedisDataOwner role permission. If a user-assigned identity is used, [you need to specify the `azureClientID` property]({{< ref "howto-mi.md#set-up-identities-in-your-component" >}}).
+
 {{% /codetab %}}
 
 {{% codetab %}}
diff --git a/daprdocs/content/en/reference/components-reference/supported-locks/redis-lock.md b/daprdocs/content/en/reference/components-reference/supported-locks/redis-lock.md
index 7c39c9f6e..ca01becdc 100644
--- a/daprdocs/content/en/reference/components-reference/supported-locks/redis-lock.md
+++ b/daprdocs/content/en/reference/components-reference/supported-locks/redis-lock.md
@@ -22,6 +22,8 @@ spec:
     value: <HOST>
   - name: redisPassword
     value: <PASSWORD>
+  - name: useEntraID
+    value: <bool> # Optional. Allowed: true, false.
   - name: enableTLS
     value: <bool> # Optional. Allowed: true, false.
   - name: failover
@@ -82,6 +84,7 @@ The above example uses secrets as plain strings. It is recommended to use a secr
 | redisHost          | Y        | Connection-string for the redis host  | `localhost:6379`, `redis-master.default.svc.cluster.local:6379`
 | redisPassword      | Y        | Password for Redis host. No Default. Can be `secretKeyRef` to use a secret reference  | `""`, `"KeFg23!"`
 | redisUsername      | N        | Username for Redis host. Defaults to empty. Make sure your redis server version is 6 or above, and have created acl rule correctly. | `""`, `"default"`
+| useEntraID | N | Implements EntraID support for Azure Cache for Redis. Before enabling this: <ul><li>The `redisHost` name must be specified in the form of `"server:port"`</li><li>TLS must be enabled</li></ul> Learn more about this setting under [Create a Redis instance > Azure Cache for Redis]({{< ref "#setup-redis" >}}) | `"true"`, `"false"` |
 | enableTLS          | N         | If the Redis instance supports TLS with public certificates, can be configured to be enabled or disabled. Defaults to `"false"` | `"true"`, `"false"`
 | maxRetries         | N         | Maximum number of retries before giving up. Defaults to `3` | `5`, `10`
 | maxRetryBackoff    | N         | Maximum backoff between each retry. Defaults to `2` seconds; `"-1"` disables backoff. | `3000000000`
@@ -108,7 +111,7 @@ The above example uses secrets as plain strings. It is recommended to use a secr
 
 Dapr can use any Redis instance: containerized, running on your local dev machine, or a managed cloud service.
 
-{{< tabs "Self-Hosted" "Kubernetes" "Azure" "AWS" "GCP" >}}
+{{< tabs "Self-Hosted" "Kubernetes" "Azure Cache for Redis" "AWS" "GCP" >}}
 
 {{% codetab %}}
 A Redis instance is automatically created as a Docker container when you run `dapr init`
@@ -124,7 +127,7 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
     ```
 
 2. Run `kubectl get pods` to see the Redis containers now running in your cluster.
-3. Add `redis-master:6379` as the `redisHost` in your [redis.yaml](#configuration) file. For example:
+3. Add `redis-master:6379` as the `redisHost` in your [redis.yaml](#component-format) file. For example:
     ```yaml
         metadata:
         - name: redisHost
@@ -135,7 +138,7 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
 
     - **Linux/MacOS**: Run `kubectl get secret --namespace default redis -o jsonpath="{.data.redis-password}" | base64 --decode` and copy the outputted password.
 
-    Add this password as the `redisPassword` value in your [redis.yaml](#configuration) file. For example:
+    Add this password as the `redisPassword` value in your [redis.yaml](#component-format) file. For example:
     ```yaml
         metadata:
         - name: redisPassword
@@ -144,23 +147,32 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
 {{% /codetab %}}
 
 {{% codetab %}}
-**Note**: this approach requires having an Azure Subscription.
+1. [Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
 
-1. [Start the Azure Cache for Redis creation flow](https://ms.portal.azure.com/#create/Microsoft.Cache). Log in if necessary.
-2. Fill out necessary information and **check the "Unblock port 6379" box**, which will allow us to persist state without SSL.
-3. Click "Create" to kickoff deployment of your Redis instance.
-4. Once your instance is created, you'll need to grab the Host name (FQDN) and your access key:
-   - For the Host name: navigate to the resource's "Overview" and copy "Host name".
-   - For your access key: navigate to "Settings" > "Access Keys" to copy and save your key.
-5. Add your key and your host to a `redis.yaml` file that Dapr can apply to your cluster. 
+1. Once your instance is created, grab the Host name (FQDN) and your access key from the Azure portal. 
+   - For the Host name: 
+     - Navigate to the resource's **Overview** page.
+     - Copy the **Host name** value.
+   - For your access key: 
+     - Navigate to **Settings** > **Access Keys**. 
+     - Copy and save your key.
+
+1. Add your key and your host name to a `redis.yaml` file that Dapr can apply to your cluster. 
    - If you're running a sample, add the host and key to the provided `redis.yaml`. 
-   - If you're creating a project from the ground up, create a `redis.yaml` file as specified in [Configuration](#configuration). 
+   - If you're creating a project from the ground up, create a `redis.yaml` file as specified in [the Component format section](#component-format). 
    
-   Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier. 
+1. Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier. 
    
    **Note:** In a production-grade application, follow [secret management]({{< ref component-secrets.md >}}) instructions to securely manage your secrets.
 
-> **NOTE:** Dapr pub/sub uses [Redis Streams](https://redis.io/topics/streams-intro) that was introduced by Redis 5.0, which isn't currently available on Azure Managed Redis Cache. Consequently, you can use Azure Managed Redis Cache only for state persistence.
+1. Enable EntraID support:
+   - Enable Entra ID authentication on your Azure Redis server. This may takes a few minutes.
+   - Set `useEntraID` to `"true"` to implement EntraID support for Azure Cache for Redis.
+
+1. Set `enableTLS` to `"true"` to support TLS. 
+
+> **Note:**`useEntraID` assumes that either your UserPrincipal (via AzureCLICredential) or the SystemAssigned managed identity have the RedisDataOwner role permission. If a user-assigned identity is used, [you need to specify the `azureClientID` property]({{< ref "howto-mi.md#set-up-identities-in-your-component" >}}).
+
 {{% /codetab %}}
 
 {{% codetab %}}
diff --git a/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-redis-pubsub.md b/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-redis-pubsub.md
index 6a7ee1d39..8fee2c80b 100644
--- a/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-redis-pubsub.md
+++ b/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-redis-pubsub.md
@@ -26,6 +26,8 @@ spec:
     value: "KeFg23!"
   - name: consumerID
     value: "channel1"
+  - name: useEntraID
+    value: "true"
   - name: enableTLS
     value: "false"
 ```
@@ -42,6 +44,7 @@ The above example uses secrets as plain strings. It is recommended to use a secr
 | redisPassword      | Y        | Password for Redis host. No Default. Can be `secretKeyRef` to use a secret reference  | `""`, `"KeFg23!"`
 | redisUsername      | N        | Username for Redis host. Defaults to empty. Make sure your redis server version is 6 or above, and have created acl rule correctly. | `""`, `"default"`
 | consumerID         | N        | The consumer group ID.  | Can be set to string value (such as `"channel1"` in the example above) or string format value (such as `"{podName}"`, etc.). [See all of template tags you can use in your component metadata.]({{< ref "component-schema.md#templated-metadata-values" >}})
+| useEntraID | N | Implements EntraID support for Azure Cache for Redis. Before enabling this: <ul><li>The `redisHost` name must be specified in the form of `"server:port"`</li><li>TLS must be enabled</li></ul> Learn more about this setting under [Create a Redis instance > Azure Cache for Redis]({{< ref "#setup-redis" >}}) | `"true"`, `"false"` |
 | enableTLS          | N        | If the Redis instance supports TLS with public certificates, can be configured to be enabled or disabled. Defaults to `"false"` | `"true"`, `"false"`
 | redeliverInterval  | N        | The interval between checking for pending messages to redeliver. Can use either be Go duration string (for example "ms", "s", "m") or milliseconds number. Defaults to `"60s"`. `"0"` disables redelivery. | `"30s"`, `"5000"`
 | processingTimeout  | N        | The amount time that a message must be pending before attempting to redeliver it. Can use either be Go duration string ( for example "ms", "s", "m") or milliseconds number. Defaults to `"15s"`. `"0"` disables redelivery. | `"60s"`, `"600000"`
@@ -69,7 +72,7 @@ The above example uses secrets as plain strings. It is recommended to use a secr
 
 Dapr can use any Redis instance - containerized, running on your local dev machine, or a managed cloud service, provided the version of Redis is 5.x or 6.x.
 
-{{< tabs "Self-Hosted" "Kubernetes" "AWS" "GCP" "Azure">}}
+{{< tabs "Self-Hosted" "Kubernetes" "AWS" "GCP" "Azure Cache for Redis">}}
 
 {{% codetab %}}
 The Dapr CLI will automatically create and setup a Redis Streams instance for you.
@@ -116,7 +119,32 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
 {{% /codetab %}}
 
 {{% codetab %}}
-[Azure Redis](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
+1. [Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
+
+1. Once your instance is created, grab the Host name (FQDN) and your access key from the Azure portal. 
+   - For the Host name: 
+     - Navigate to the resource's **Overview** page.
+     - Copy the **Host name** value.
+   - For your access key: 
+     - Navigate to **Settings** > **Access Keys**. 
+     - Copy and save your key.
+
+1. Add your key and your host name to a `redis.yaml` file that Dapr can apply to your cluster. 
+   - If you're running a sample, add the host and key to the provided `redis.yaml`. 
+   - If you're creating a project from the ground up, create a `redis.yaml` file as specified in [the Component format section](#component-format). 
+   
+1. Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier. 
+   
+   **Note:** In a production-grade application, follow [secret management]({{< ref component-secrets.md >}}) instructions to securely manage your secrets.
+
+1. Enable EntraID support:
+   - Enable Entra ID authentication on your Azure Redis server. This may takes a few minutes.
+   - Set `useEntraID` to `"true"` to implement EntraID support for Azure Cache for Redis.
+
+1. Set `enableTLS` to `"true"` to support TLS. 
+
+> **Note:**`useEntraID` assumes that either your UserPrincipal (via AzureCLICredential) or the SystemAssigned managed identity have the RedisDataOwner role permission. If a user-assigned identity is used, [you need to specify the `azureClientID` property]({{< ref "howto-mi.md#set-up-identities-in-your-component" >}}).
+
 {{% /codetab %}}
 
 {{< /tabs >}}
diff --git a/daprdocs/content/en/reference/components-reference/supported-state-stores/setup-redis.md b/daprdocs/content/en/reference/components-reference/supported-state-stores/setup-redis.md
index 61d5de0f3..9ed69d51c 100644
--- a/daprdocs/content/en/reference/components-reference/supported-state-stores/setup-redis.md
+++ b/daprdocs/content/en/reference/components-reference/supported-state-stores/setup-redis.md
@@ -28,6 +28,8 @@ spec:
     value: <HOST>
   - name: redisPassword
     value: <PASSWORD>
+  - name: useEntraID
+    value: <bool> # Optional. Allowed: true, false.
   - name: enableTLS
     value: <bool> # Optional. Allowed: true, false.
   - name: maxRetries
@@ -98,6 +100,7 @@ If you wish to use Redis as an actor store, append the following to the yaml.
 | redisHost          | Y        | Connection-string for the redis host  | `localhost:6379`, `redis-master.default.svc.cluster.local:6379`
 | redisPassword      | Y        | Password for Redis host. No Default. Can be `secretKeyRef` to use a secret reference  | `""`, `"KeFg23!"`
 | redisUsername      | N        | Username for Redis host. Defaults to empty. Make sure your redis server version is 6 or above, and have created acl rule correctly. | `""`, `"default"`
+| useEntraID | N | Implements EntraID support for Azure Cache for Redis. Before enabling this: <ul><li>The `redisHost` name must be specified in the form of `"server:port"`</li><li>TLS must be enabled</li></ul> Learn more about this setting under [Create a Redis instance > Azure Cache for Redis]({{< ref "#setup-redis" >}}) | `"true"`, `"false"` |
 | enableTLS          | N         | If the Redis instance supports TLS with public certificates, can be configured to be enabled or disabled. Defaults to `"false"` | `"true"`, `"false"`
 | maxRetries         | N         | Maximum number of retries before giving up. Defaults to `3` | `5`, `10`
 | maxRetryBackoff    | N         | Maximum backoff between each retry. Defaults to `2` seconds; `"-1"` disables backoff. | `3000000000`
@@ -163,23 +166,32 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
 {{% /codetab %}}
 
 {{% codetab %}}
-**Note**: this approach requires having an Azure Subscription.
+1. [Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
 
-1. [Start the Azure Cache for Redis creation flow](https://ms.portal.azure.com/#create/Microsoft.Cache). Log in if necessary.
-2. Fill out necessary information and **check the "Unblock port 6379" box**, which will allow us to persist state without SSL.
-3. Click "Create" to kickoff deployment of your Redis instance.
-4. Once your instance is created, you'll need to grab the Host name (FQDN) and your access key:
-   - For the Host name: navigate to the resource's "Overview" and copy "Host name".
-   - For your access key: navigate to "Settings" > "Access Keys" to copy and save your key.
-5. Add your key and your host to a `redis.yaml` file that Dapr can apply to your cluster. 
+1. Once your instance is created, grab the Host name (FQDN) and your access key from the Azure portal. 
+   - For the Host name: 
+     - Navigate to the resource's **Overview** page.
+     - Copy the **Host name** value.
+   - For your access key: 
+     - Navigate to **Settings** > **Access Keys**. 
+     - Copy and save your key.
+
+1. Add your key and your host name to a `redis.yaml` file that Dapr can apply to your cluster. 
    - If you're running a sample, add the host and key to the provided `redis.yaml`. 
-   - If you're creating a project from the ground up, create a `redis.yaml` file as specified in [Configuration](#configuration). 
+   - If you're creating a project from the ground up, create a `redis.yaml` file as specified in [the Component format section](#component-format). 
    
-   Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier. 
+1. Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier. 
    
    **Note:** In a production-grade application, follow [secret management]({{< ref component-secrets.md >}}) instructions to securely manage your secrets.
 
-> **NOTE:** Dapr pub/sub uses [Redis Streams](https://redis.io/topics/streams-intro) that was introduced by Redis 5.0, which isn't currently available on Azure Managed Redis Cache. Consequently, you can use Azure Managed Redis Cache only for state persistence.
+1. Enable EntraID support:
+   - Enable Entra ID authentication on your Azure Redis server. This may takes a few minutes.
+   - Set `useEntraID` to `"true"` to implement EntraID support for Azure Cache for Redis.
+
+1. Set `enableTLS` to `"true"` to support TLS. 
+
+> **Note:**`useEntraID` assumes that either your UserPrincipal (via AzureCLICredential) or the SystemAssigned managed identity have the RedisDataOwner role permission. If a user-assigned identity is used, [you need to specify the `azureClientID` property]({{< ref "howto-mi.md#set-up-identities-in-your-component" >}}).
+
 {{% /codetab %}}
 
 {{% codetab %}}

From 073676c5454b94e41c6f10c412e48ab0b162606b Mon Sep 17 00:00:00 2001
From: Hannah Hunter <hannahhunter@microsoft.com>
Date: Tue, 9 Jul 2024 14:50:56 -0400
Subject: [PATCH 3/3] rearrange tabs and change back to just Azure

Signed-off-by: Hannah Hunter <hannahhunter@microsoft.com>
---
 .../components-reference/supported-bindings/redis.md   | 10 +++++-----
 .../redis-configuration-store.md                       | 10 +++++-----
 .../components-reference/supported-locks/redis-lock.md | 10 +++++-----
 .../supported-pubsub/setup-redis-pubsub.md             | 10 +++++-----
 .../supported-state-stores/setup-redis.md              | 10 +++++-----
 5 files changed, 25 insertions(+), 25 deletions(-)

diff --git a/daprdocs/content/en/reference/components-reference/supported-bindings/redis.md b/daprdocs/content/en/reference/components-reference/supported-bindings/redis.md
index 38dd54e54..18cc59d53 100644
--- a/daprdocs/content/en/reference/components-reference/supported-bindings/redis.md
+++ b/daprdocs/content/en/reference/components-reference/supported-bindings/redis.md
@@ -163,7 +163,7 @@ Dapr can use any Redis instance - containerized, running on your local dev machi
 
 *Note: Dapr does not support Redis >= 7. It is recommended to use Redis 6*
 
-{{< tabs "Self-Hosted" "Kubernetes" "AWS" "GCP" "Azure Cache for Redis">}}
+{{< tabs "Self-Hosted" "Kubernetes" "AWS" "Azure" "GCP" >}}
 
 {{% codetab %}}
 The Dapr CLI will automatically create and setup a Redis Streams instance for you.
@@ -205,10 +205,6 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
 [AWS Redis](https://aws.amazon.com/redis/)
 {{% /codetab %}}
 
-{{% codetab %}}
-[GCP Cloud MemoryStore](https://cloud.google.com/memorystore/)
-{{% /codetab %}}
-
 {{% codetab %}}
 1. [Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
 
@@ -238,6 +234,10 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
 
 {{% /codetab %}}
 
+{{% codetab %}}
+[GCP Cloud MemoryStore](https://cloud.google.com/memorystore/)
+{{% /codetab %}}
+
 {{< /tabs >}}
 
 
diff --git a/daprdocs/content/en/reference/components-reference/supported-configuration-stores/redis-configuration-store.md b/daprdocs/content/en/reference/components-reference/supported-configuration-stores/redis-configuration-store.md
index 09667f1cf..c8f0b0e8b 100644
--- a/daprdocs/content/en/reference/components-reference/supported-configuration-stores/redis-configuration-store.md
+++ b/daprdocs/content/en/reference/components-reference/supported-configuration-stores/redis-configuration-store.md
@@ -65,7 +65,7 @@ The above example uses secrets as plain strings. It is recommended to use a secr
 
 Dapr can use any Redis instance: containerized, running on your local dev machine, or a managed cloud service.
 
-{{< tabs "Self-Hosted" "Kubernetes" "Azure Cache for Redis" "AWS" "GCP" >}}
+{{< tabs "Self-Hosted" "Kubernetes" "AWS" "Azure" "GCP" >}}
 
 {{% codetab %}}
 A Redis instance is automatically created as a Docker container when you run `dapr init`
@@ -100,6 +100,10 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
     ```
 {{% /codetab %}}
 
+{{% codetab %}}
+[AWS Redis](https://aws.amazon.com/redis/)
+{{% /codetab %}}
+
 {{% codetab %}}
 
 1. [Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
@@ -130,10 +134,6 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
 
 {{% /codetab %}}
 
-{{% codetab %}}
-[AWS Redis](https://aws.amazon.com/redis/)
-{{% /codetab %}}
-
 {{% codetab %}}
 [GCP Cloud MemoryStore](https://cloud.google.com/memorystore/)
 {{% /codetab %}}
diff --git a/daprdocs/content/en/reference/components-reference/supported-locks/redis-lock.md b/daprdocs/content/en/reference/components-reference/supported-locks/redis-lock.md
index ca01becdc..946c77c94 100644
--- a/daprdocs/content/en/reference/components-reference/supported-locks/redis-lock.md
+++ b/daprdocs/content/en/reference/components-reference/supported-locks/redis-lock.md
@@ -111,7 +111,7 @@ The above example uses secrets as plain strings. It is recommended to use a secr
 
 Dapr can use any Redis instance: containerized, running on your local dev machine, or a managed cloud service.
 
-{{< tabs "Self-Hosted" "Kubernetes" "Azure Cache for Redis" "AWS" "GCP" >}}
+{{< tabs "Self-Hosted" "Kubernetes" "AWS" "Azure" "GCP" >}}
 
 {{% codetab %}}
 A Redis instance is automatically created as a Docker container when you run `dapr init`
@@ -146,6 +146,10 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
     ```
 {{% /codetab %}}
 
+{{% codetab %}}
+[AWS Redis](https://aws.amazon.com/redis/)
+{{% /codetab %}}
+
 {{% codetab %}}
 1. [Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
 
@@ -175,10 +179,6 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
 
 {{% /codetab %}}
 
-{{% codetab %}}
-[AWS Redis](https://aws.amazon.com/redis/)
-{{% /codetab %}}
-
 {{% codetab %}}
 [GCP Cloud MemoryStore](https://cloud.google.com/memorystore/)
 {{% /codetab %}}
diff --git a/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-redis-pubsub.md b/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-redis-pubsub.md
index 8fee2c80b..a522e53c4 100644
--- a/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-redis-pubsub.md
+++ b/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-redis-pubsub.md
@@ -72,7 +72,7 @@ The above example uses secrets as plain strings. It is recommended to use a secr
 
 Dapr can use any Redis instance - containerized, running on your local dev machine, or a managed cloud service, provided the version of Redis is 5.x or 6.x.
 
-{{< tabs "Self-Hosted" "Kubernetes" "AWS" "GCP" "Azure Cache for Redis">}}
+{{< tabs "Self-Hosted" "Kubernetes" "AWS" "Azure" "GCP" >}}
 
 {{% codetab %}}
 The Dapr CLI will automatically create and setup a Redis Streams instance for you.
@@ -114,10 +114,6 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
 [AWS Redis](https://aws.amazon.com/redis/)
 {{% /codetab %}}
 
-{{% codetab %}}
-[GCP Cloud MemoryStore](https://cloud.google.com/memorystore/)
-{{% /codetab %}}
-
 {{% codetab %}}
 1. [Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
 
@@ -147,6 +143,10 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
 
 {{% /codetab %}}
 
+{{% codetab %}}
+[GCP Cloud MemoryStore](https://cloud.google.com/memorystore/)
+{{% /codetab %}}
+
 {{< /tabs >}}
 
 
diff --git a/daprdocs/content/en/reference/components-reference/supported-state-stores/setup-redis.md b/daprdocs/content/en/reference/components-reference/supported-state-stores/setup-redis.md
index 9ed69d51c..c6bcae098 100644
--- a/daprdocs/content/en/reference/components-reference/supported-state-stores/setup-redis.md
+++ b/daprdocs/content/en/reference/components-reference/supported-state-stores/setup-redis.md
@@ -130,7 +130,7 @@ If you wish to use Redis as an actor store, append the following to the yaml.
 
 Dapr can use any Redis instance: containerized, running on your local dev machine, or a managed cloud service.
 
-{{< tabs "Self-Hosted" "Kubernetes" "Azure" "AWS" "GCP" >}}
+{{< tabs "Self-Hosted" "Kubernetes" "AWS" "Azure" "GCP" >}}
 
 {{% codetab %}}
 A Redis instance is automatically created as a Docker container when you run `dapr init`
@@ -165,6 +165,10 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
     ```
 {{% /codetab %}}
 
+{{% codetab %}}
+[AWS Redis](https://aws.amazon.com/redis/)
+{{% /codetab %}}
+
 {{% codetab %}}
 1. [Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
 
@@ -194,10 +198,6 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
 
 {{% /codetab %}}
 
-{{% codetab %}}
-[AWS Redis](https://aws.amazon.com/redis/)
-{{% /codetab %}}
-
 {{% codetab %}}
 [GCP Cloud MemoryStore](https://cloud.google.com/memorystore/)
 {{% /codetab %}}