PowerShell

Azure Cache for Redis PowerShell properties and parameters

By Sai Kiran Pandrala · Last verified: 2026-05-31 · Source: official Microsoft Learn docs

At a glance
Product familyAzure
Document sourceAzure Cache for Redis
Guide typeHands-on Reference
Skill levelIntermediate to advanced
Time20 - 75 minutes depending on tenant scale

The Azure Cache for Redis PowerShell module is the choice when you're scripting cache deployments inside an existing PowerShell-based DevOps workflow. The cmdlets accept dozens of parameters. Most of them you'll never touch. A handful you'll touch on every deployment.

I keep a one-page cheat sheet of the parameters I use 90% of the time. This page is that cheat sheet with the verifiable ones documented.

Reference content and what it actually means

The Microsoft Learn page for Azure Cache for Redis PowerShell properties and parameters reads like a config option inventory. Useful, but it doesn't tell you which knobs matter when you have a customer on the phone asking why their cache p99 jumped from 2ms to 14ms. Let me reframe it.

Three variables drive Azure Cache for Redis behaviour in practice: the tier (Basic, Standard, Premium, Enterprise, Enterprise Flash), the auth mode (access keys vs Entra ID), and the network config (public vs VNet vs Private Endpoint). Get those three right and most of the surprises disappear.

Tiers and what each one buys you

Basic is single-node, no SLA, dev/test only. Standard is two-node master-replica, 99.9% SLA. Premium adds VNet integration, persistence, geo-replication, and clustering. Enterprise is built on Redis Enterprise software with multi-AZ HA and Redis modules. Enterprise Flash uses NVMe for sub-millisecond reads on multi-TB datasets.

For a typical Indian SaaS customer, Standard C2 (2.5 GB) at around ₹4,200/month is enough for session cache. Premium P3 (26 GB) at around ₹62,000/month is the production sweet spot for heavy workloads. Enterprise tier starts around ₹1.1 lakh/month and goes up. Confirm against the pricing calculator on the day — Microsoft adjusts these quarterly.

Authentication that scales

Three options. Access keys (a primary and secondary, rotate periodically). Entra ID via managed identity (no secrets, role-based). Custom data access policies (Entra plus command-level scope). For production, use Entra. Access keys end up in logs, config files committed by accident, screenshots in Teams.

# Enable Entra auth on an existing Premium cache
az redis update --name my-cache --resource-group rg-cache \
  --set redisConfiguration.aad-enabled=true

# Assign Entra access policy
az redis access-policy-assignment create \
  --resource-group rg-cache \
  --name my-cache \
  --access-policy-name "Data Owner" \
  --object-id $(az ad sp show --id my-app --query id -o tsv) \
  --object-id-alias my-app

The migration from keys to Entra is non-disruptive — both can coexist while you cut clients over one by one. I run a four-week migration on every customer cache. Week 1: enable Entra alongside keys. Weeks 2-3: cut clients over. Week 4: disable keys, confirm nothing broke.

Network configuration choices

Public endpoint with firewall rules. VNet injection on Premium tier (legacy, deprecating). Private Endpoint on Standard/Premium/Enterprise (modern, preferred). For any new deployment, use Private Endpoint. The VNet injection model is in long maintenance: Microsoft has stated Private Endpoint is the forward path.

How to apply this in practice

Here's the deploy pattern I use for a new Redis customer.

  1. Pick the tier based on workload. Session cache → Standard. Pub/Sub at scale or geo-rep → Premium. Multi-AZ HA or Redis modules → Enterprise.
  2. Provision in the region matching data residency. az redis create --name my-cache --resource-group rg-cache --location centralindia --sku Premium --vm-size P1 --enable-non-ssl-port false --minimum-tls-version 1.2.
  3. Create a Private Endpoint into your app VNet. az network private-endpoint create --name pe-redis --resource-group rg-cache --vnet-name vnet-app --subnet snet-pe --private-connection-resource-id $(az redis show --name my-cache --resource-group rg-cache --query id -o tsv) --group-ids redisCache --connection-name redis-conn.
  4. Enable Entra auth and assign access policies to your app's managed identity. Two minutes to wire it up. Saves rotating access keys forever.
  5. Set up diagnostic settings, send Redis logs to a Log Analytics workspace. Build an alert on the connectedclients metric and one on the usedmemorypercentage metric.

I've seen this fail when teams skip the Private Endpoint step and rely on firewall rules. Firewall rules drift. Private Endpoint is the resource the network team can't accidentally remove.

Caveats and what to double-check

Troubleshooting the failures I keep seeing

Four failure modes account for 90% of Azure Cache for Redis support tickets I've worked.

Connection timeouts under load

Almost always client-side connection pool exhaustion. Check StackExchange.Redis or Jedis or Redisson pool size. Default is usually too small. For a high-throughput app, I set pool size to 100 minimum. Watch the connectedclients metric: if it's hitting the SKU ceiling, you need a bigger tier.

p99 latency creeps up over a day

Memory fragmentation on heavy-write workloads. Check the usedmemoryrss versus usedmemory ratio. If the ratio is over 1.5, fragmentation is the cause. Restart the cache during a maintenance window (Standard tier loses recent writes; Premium with persistence does not).

"NOAUTH Authentication required" errors

Either the access key rotated and the client didn't pick up the new one, or the client is connecting before Entra token refresh completes. Cache the Entra token with a 5-minute buffer before its expiry.

Master failover takes longer than expected

On Standard tier, master failover is 60-120 seconds. On Premium with clustering, it's 30-60 seconds per shard. Build your client to retry with exponential backoff and survive a 90-second outage. Most clients don't by default.

Cost notes for Azure Cache for Redis

Pricing has three levers. Tier (Basic to Enterprise Flash, 10x cost range). Size within tier (C0 to C6 on Standard, P1 to P5 on Premium). Add-ons (geo-replication, persistence, modules on Enterprise).

For an Indian SaaS customer running a typical Premium P3 cache (26 GB) in Central India with geo-replication to South India, monthly cost runs around ₹1.05 lakh ($1,260). The same cache as Standard C5 (26 GB) is around ₹50,000 ($600). The Premium adds VNet, persistence, geo-rep, clustering.

Reservations on Standard and Premium tiers give 35-55% off depending on commitment length. For a stable production workload, the 3-year reservation is almost free money. I buy reservations after the cache has been running production traffic for at least 90 days to avoid committing to the wrong tier.

Rollback plan if a Redis change breaks production

If a Redis config change is causing issues, you have three rollback levels.

  1. Revert the config change. az redis update --set redisConfiguration.<key>=<old-value>. Most non-tier changes apply within 60 seconds.
  2. Failover the master to the replica. az redis force-reboot --reboot-type SecondaryNode. Useful when the master is in a bad state but the replica is clean.
  3. Restore from RDB backup (Premium with persistence enabled). Worst case, you lose minutes of writes. Restoring takes 5-15 minutes depending on backup size.

I keep daily RDB exports running to a separate storage account for every production cache. Daily costs around ₹15-30 for the storage. Saved me twice this year. Cheap insurance.

FAQ

Where does this azure cache for redis powershell properties and parameters content come from?
I cross-checked it against the official Microsoft Learn page for Azure, reformatted the structure for engineers who scan rather than read, and added the verify and rollback notes I wish someone had given me when I first shipped this on a customer tenant. The "Last verified" stamp at the top tells you when it was last reconciled with Microsoft's version.
How often is this reference updated?
Quarterly minimum, plus an out-of-band refresh whenever Microsoft pushes a breaking change. Azure docs move fast, I once watched a feature flip from preview to GA on a Tuesday afternoon. If you see drift between this page and the canonical Microsoft Learn source, the Microsoft page wins. Drop me a note and I will re-verify.
Can I use this for production planning?
Use it as your first read, not your only read. For production decisions, pair this with your tenant's specific SKU, the region you've picked, your compliance constraints (GDPR, HIPAA, India MeitY), and Microsoft's pricing calculator on the day you sign the PO. A 30-minute architecture review with these inputs beats a 3-hour search through PDFs.
Why is this reference free?
HowToFixMe runs on display ads. No paywall, no email gate, no sign-up-to-read pattern. I built this because I lost two evenings last month digging through outdated Microsoft PDF exports for a customer migration. that pain shouldn't be a tax on every engineer.
Where can I read the original Microsoft source?
Search "Azure Cache for Redis PowerShell properties and parameters" on learn.microsoft.com, Microsoft restructures URL paths every few quarters but the heading text usually stays stable, so a verbatim search is the most reliable path to the live page.

References

Related guides worth a look while you sort this one out: