The CIDR allow list lets you restrict traffic to your Redis Cloud database. When you configure an allow list, only the IP addresses defined in the list can connect to the database. Traffic from all other IP addresses is blocked.

Database allow list

You can configure your database’s CIDR allow list to restrict client connections to a specific range of IP addresses.

Define CIDR allow list

To define the CIDR allow list for a database:

  1. Select Databases from the admin console menu and then select your database from the list.

  2. From the database’s Configuration screen, select the Edit database button:

    The Edit database button lets you change selected database properties.
  3. In the Security section, turn on the CIDR allow list toggle:

    Turn on the CIDR allow list toggle.
  4. Enter the first IP address (in CIDR format) you want to allow in the text box and then select the check mark to add it to the allow list:

    Add the first IP address to the CIDR allow list.
  5. To allow additional IP addresses:

    1. Select the Add CIDR button:

      Add another IP address to the CIDR allow list.
    2. Enter the new IP address in the text box and then select the check mark to add it to the allow list:

      Add a new IP address to the CIDR allow list.
  6. Select the Save database button to apply your changes:

    Use the Save database button to save database changes.

Subscription allow list

If you use a self-managed, external cloud account to host your Redis Cloud deployment, you can configure a subscription-wide allow list to restrict traffic to all databases associated with the subscription.

The subscription CIDR allow list defines a range of IP addresses and AWS security groups that control inbound and outbound traffic to the Redis Cloud VPC. When you add security groups to the allow list, you can also use the same security groups to manage access to your application.

Allow IP address or security group

To add IP addresses or AWS security groups to a subscription’s allow list:

  1. From the admin console menu, select Subscriptions and then select your subscription from the list.

  2. Select the Connectivity tab and then select Allow List.

  3. If the allow list is empty, select the Add allow list button:

    Add allow list button.
  4. Select an entry Type from the list:

    Select the type of entry to add to the allow list from the Type list.
  5. In the Value box, enter either:

    • An IP address in CIDR format

    • The AWS security group ID

  6. Select the check mark to add the entry to the allow list:

    Select the Submit entry button to add the entry to the allow list.
  7. To allow additional IP addresses or security groups:

    1. Select the Add entry button:

      Select the Add entry button to add another entry to the allow list.
    2. Then select the new entry’s Type, enter the Value, and select the check mark to add it to the allow list:

      Define the new entry and select the Submit entry button to add it to the allow list.
  8. Select the Apply all changes button to apply the allow list updates:

    Use the Apply all changes button to apply all updates to the allow list.