Question: How Can I Make My ElastiCache Redis Publically Available?


Amazon ElastiCache for Redis is designed for use within Virtual Private Cloud (VPC) and is not meant to be accessed publicly by default. However, you can make your ElastiCache Redis cluster publically accessible by following these steps:

Create a new subnet group - Create a new cache subnet group with the desired subnets in your VPC. This will allow your Redis cluster to reside within this subnet group.

aws elasticache create-cache-subnet-group   --cache-subnet-group-name <subnet_group_name>   --cache-subnet-group-description "Private Subnet Group"   --subnet-ids <comma_separated_subnet_ids>

Create a new security group - Create a new security group that allows inbound traffic from the desired IP addresses to the Redis port (default 6379).

aws ec2 create-security-group   --group-name <security_group_name>   --description "Security group for public access to Redis"

aws ec2 authorize-security-group-ingress   --group-id <security_group_id>   --protocol tcp   --port 6379   --cidr <source_ip_range>

Replace <source_ip_range> with the desired IP range (e.g., for open access).

Create the Redis cluster - Create a new ElastiCache Redis cluster using the previously created subnet group and security group.

aws elasticache create-cache-cluster   --cache-cluster-id <cluster_id>   --engine "redis"   --cache-node-type <cache_node_type>   --num-cache-nodes 1   --cache-subnet-group-name <subnet_group_name>   --security-group-ids <comma_separated_security_group_ids>   --engine-version <redis_engine_version>

Create a NAT Gateway - To allow your Redis cluster to be accessible from the internet, create a NAT Gateway within your VPC and associate an Elastic IP with it.

aws ec2 create-nat-gateway   --subnet-id <public_subnet_id>   --allocation-id <elastic_ip_allocation_id>

Update routing table - Update the routing table associated with your private subnet to route traffic through the created NAT Gateway.

aws ec2 create-route   --route-table-id <route_table_id>   --destination-cidr-block   --nat-gateway-id <nat_gateway_id>

Please note that making your ElastiCache Redis cluster publicly accessible may expose it to security risks. Use the <source_ip_range> whitelist to reduce the risks of exposure. Make sure to enforce strong authentication and encryption mechanisms for connections to your cluster.

Was this content helpful?

Start building today

Dragonfly is fully compatible with the Redis ecosystem and requires no code changes to implement.