Redis Enterprise Cloud supports two types of network security: database-level CIDR allow lists and VPC-wide CIDR allow lists.
These features are available in most Redis Cloud configurations, as shown here:
| Cloud provider | VPC peering | IP restrictions |
|---|---|---|
| AWS | Flexible and Annual | Fixed (paid), Flexible, and Annual |
| Google Cloud | Flexible and Annual | Fixed (paid), Flexible, and Annual |
IP and subnet restrictions
You can restrict database access to a configurable set of source IP addresses and subnets. This is roughly equivalent to using iptables to limit access to a host.
To restrict a database to a specific set of source IP addresses or subnets, see Configure CIDR allow list.
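An added example (not Redis Cloud code, and not its evaluation logic): a pre-flight audit of a proposed CIDR allow list using Python's standard `ipaddress` module, followed by the default-deny source check that such a list implies. The `/16` threshold for a "broad" entry and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress

BROAD_PREFIX = 16  # assumption: IPv4 prefixes shorter than /16 are reported as broad

# Constructed sample list (documentation address ranges plus private ranges).
SAMPLE = ["203.0.113.0/24", "203.0.113.64/26", "198.51.100.7/32",
          "10.0.1.7/24", "172.16.0.0/12"]

def audit_allow_list(entries):
    """Parse CIDR entries; return (networks, findings) where findings are (entry, reason)."""
    networks, findings = [], []
    for raw in entries:
        try:
            # strict=True rejects entries with host bits set, such as 10.0.1.7/24,
            # which usually means a host address was pasted with a subnet mask.
            net = ipaddress.ip_network(raw.strip(), strict=True)
        except ValueError as exc:
            findings.append((raw, f"invalid: {exc}"))
            continue
        if net.prefixlen == 0:
            findings.append((raw, "matches every address"))
        elif net.version == 4 and net.prefixlen < BROAD_PREFIX:
            findings.append((raw, f"broad: {net.num_addresses} addresses"))
        for other in networks:
            if net.version != other.version:
                continue  # subnet_of() raises TypeError across IP versions
            if net.subnet_of(other):
                findings.append((raw, f"redundant: covered by {other}"))
            elif other.subnet_of(net):
                findings.append((str(other), f"redundant: covered by {net}"))
        networks.append(net)
    return networks, findings

def is_allowed(source_ip, networks):
    """Default deny: a source is allowed only if it falls inside a listed network."""
    addr = ipaddress.ip_address(source_ip)
    return any(addr in net for net in networks)

if __name__ == "__main__":
    nets, issues = audit_allow_list(SAMPLE)
    for entry, reason in issues:
        print(f"{entry}: {reason}")
    for ip in ("203.0.113.10", "192.0.2.1"):
        print(ip, "allowed" if is_allowed(ip, nets) else "denied")
```

Entries reported as broad or redundant are still returned in `networks`, so `is_allowed` reflects the list exactly as written; tighten or remove flagged entries before applying the list.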
Virtual private clouds
A Virtual Private Cloud (VPC) is an isolated set of resources within a public cloud, usually having its own subnets and VLAN.
Databases in Flexible and Annual subscriptions are almost always deployed in a Redis VPC. In most cases, you’ll need to create a VPC peering connection to access these databases. A VPC peering connection allows unrestricted network access between two VPCs.
Connection creation and supported features vary by public cloud provider. Learn more about VPC usage for AWS, Google Cloud, and Azure.
VPCs with AWS
Subscriptions that run on AWS support two VPC options. To ensure that you can securely connect to your database, you need to create a VPC peering connection.
If you create a VPC peering connection, you can also configure a CIDR allow list to allow connections only from specific IP address blocks or security groups.
VPCs with Google Cloud
Subscriptions that run on Google Cloud require a VPC peering connection. See Google Cloud VPC peering to learn how to set up VPC peering for Google Cloud.
VPCs with Azure
When you request a Redis Cloud Annual subscription, all databases will be deployed in your own Azure VPC.