HowTo: Using GAM in Azure serverless architecture

Official Content
This documentation is valid for:

When deploying your services (Rest services, API objects, or services of a mobile/Android app) to Azure serverless, the following has to be considered if the app uses GeneXus Access Manager (GAM)

Summary

Use Redis to persist the web session

Serverless is stateless by default.
But since GAM uses the web session, it is necessary to use Azure Cache for Redis in such scenarios.

How to deploy to Azure serverless and use Redis 

First, define an Azure Cache for Redis service in the cloud. Get the Access Keys because you will need them afterwards.
At the deployment phase (using the Application Deployment tool inside GeneXus IDE or MSBuild tasks), you have to set the required information to indicate the Redis instance and its credentials.

The following image shows the deployment dialog and how to set the properties in the Session State configuration section.

image_20221219448_1_png

Using MSBuild directly, the properties are as follows:

"AZURE_FUNCTIONS_SESSION_STATE_PROVIDER" - Redis
"AZURE_FUNCTIONS_SESSION_PROVIDER_ADDRESS" 
"AZURE_FUNCTIONS_SESSION_PROVIDER_PASSWORD" 
"AZURE_FUNCTIONS_SESSION_PROVIDER_INSTANCE_NAME"
"AZURE_FUNCTIONS_SESSION_TIMEOUT" 

For example, for Azure Cache for Redis the configuration could be:

"AZURE_FUNCTIONS_SESSION_STATE_PROVIDER" =  Redis
"AZURE_FUNCTIONS_SESSION_PROVIDER_ADDRESS" = sample.redis.cache.windows.net:6380,password=xxxxxxxxxxxxxxxxxxx=,ssl=True,abortConnect=False
"AZURE_FUNCTIONS_SESSION_PROVIDER_INSTANCE_NAME" = sample
"AZURE_FUNCTIONS_SESSION_TIMEOUT"  = 5

Note that in this case you can set the provider Address property with the "Primary Connection string" of the Redis cache. Also, note that in this figure the instance name is "gxredis".

image_202212195135_1_png

Session Timeout 

The session is renewed with each request; that is, each request resets the time counter to zero and starts again. That is how it happens on the web, where your session expires only due to inactivity after X minutes.

Configure GAM settings

In order to connect to GAM, the services must have a valid GAM Repository connection.

In the serverless cloud architecture, the GAM connection key is retrieved using an Azure Application Setting (an environment variable in general terms), called GX_GAMCONNECTIONKEY.
This Application setting is automatically defined by the Deploy Engine through the GAM connection Key property at the deployment dialog, although you can define it yourself in the cloud if you want.

You can see it in the Azure Function configuration settings using the Azure portal.

image_2022121102131_1_png


Using the Application Deployment tool, you can set the property in the GAM configuration section:

image_2022121101447_1_png

The connection key can be set using the following MSBuild property:

AZURE_SERVERLESS_GAM_CONNECTION_KEY

Where do I get the GAM connection key to configure the property for deployment?

The GAM connection key can be obtained from connection.gam, which contains that key.

Important Note


For the time being, you have to always set the GAM connection key property at the deployment if you have GAM, regardless if you are only packaging the deployment and not uploading it to Azure.
That is, even though you will be defining the GX_GAMCONNECTIONKEY App Setting yourself in the cloud, you have to set a value in the GAM connection key property to make your application connect to GAM.