Redis Enterprise Cloud supports two types of network security: database-level CIDR allow lists and VPC-wide CIDR allow lists.

These features are available in most Redis Cloud configurations, as shown here:

Cloud provider | VPC peering | IP restrictions
AWS | Flexible and Annual | Fixed (paid), Flexible, and Annual
GCP | Flexible and Annual | Fixed (paid), Flexible, and Annual
Azure | Annual | Annual

IP and subnet restrictions

You can restrict database access to a configurable set of source IP addresses and subnets. This is roughly equivalent to using iptables to limit access to a host.

To restrict a database to a specific set of source IP addresses or subnets, see Configure CIDR allow list.
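As an added example (not Redis code and not part of the original page), the Python below audits a proposed CIDR allow list before it is applied, then shows which source addresses it would admit under default-deny matching. The /16 breadth threshold, the function names, and the sample entries are assumptions made for this example.

```python
import ipaddress

# Assumption for this example: IPv4 entries wider than /16 are flagged for review.
MAX_BREADTH_PREFIX = 16


def audit_allow_list(entries):
    """Return (networks, findings) for a proposed CIDR allow list."""
    networks, findings = [], []
    for entry in map(str.strip, entries):
        try:
            # ip_interface keeps the address as typed, so stray host bits are visible
            iface = ipaddress.ip_interface(entry)
        except ValueError:
            findings.append((entry, "invalid: not an IP address or CIDR block"))
            continue
        net = iface.network
        if iface.ip != net.network_address:
            findings.append((entry, f"host bits set: matches as {net}"))
        if net.prefixlen == 0:
            findings.append((entry, "allows every source address"))
        elif net.version == 4 and net.prefixlen < MAX_BREADTH_PREFIX:
            findings.append((entry, f"broad: {net.num_addresses} addresses"))
        # An entry already covered by an earlier one adds nothing and hides intent.
        for other in networks:
            if net.version == other.version and net.subnet_of(other):
                findings.append((entry, f"redundant: inside {other}"))
                break
        networks.append(net)
    return networks, findings


def is_allowed(source_ip, networks):
    """Default deny: a source is admitted only if some entry contains it."""
    addr = ipaddress.ip_address(source_ip)
    return any(addr.version == n.version and addr in n for n in networks)


# Constructed sample list (documentation and private ranges, not real hosts).
SAMPLE = ["203.0.113.10", "10.0.1.5/24", "10.0.1.128/25", "172.16.0.0/12",
          "0.0.0.0/0", "192.168.1.300"]

if __name__ == "__main__":
    nets, issues = audit_allow_list(SAMPLE)
    for entry, problem in issues:
        print(f"{entry:18} {problem}")
    strict = [n for n in nets if n.prefixlen >= MAX_BREADTH_PREFIX]
    for ip in ("203.0.113.10", "10.0.1.77", "198.51.100.4"):
        print(ip, "allowed" if is_allowed(ip, strict) else "denied")
```

With the full sample list every source is admitted because of the `0.0.0.0/0` entry; once the flagged broad entries are dropped, only the listed host and the 10.0.1.0/24 subnet remain reachable.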

Virtual private clouds

A Virtual Private Cloud (VPC) is an isolated set of resources within a public cloud, usually having its own subnets and VLAN.

Databases in Flexible and Annual subscriptions are almost always deployed in a Redis VPC. In most cases, you’ll need to create a VPC peering connection to access these databases. A VPC peering connection allows unrestricted network access between two VPCs.

How you create these connections and the features supported vary somewhat by public cloud provider. You can read about VPC usage for AWS, GCP, and Azure below.

VPCs with AWS

Subscriptions that run on AWS support two VPC options. To ensure that you can securely connect to your database, you need to create a VPC peering connection.

If you create a VPC peering connection, you can also configure a CIDR allow list to allow connections only from specific IP address blocks or security groups.

VPCs with GCP

Subscriptions that run on GCP require a VPC peering connection. See GCP VPC peering to learn how to set up VPC peering for GCP.

VPCs with Azure

When you request a Redis Cloud Annual subscription, all databases will be deployed in your own Azure VPC.