Firewall Rules for Redis™

Firewall rules can be used to control the list of IP addresses that are allowed to connect to your database deployments. This functionality is only available for database deployments open to the internet.

For Redis™* deployments open to the Internet firewall rules are mandatory. If you wish to open your Redis™ deployments to the internet you can use 0.0.0.0/0 (Although this is not recommended for Security reasons)

What is an IP CIDR?

CIDR is the short for Classless Inter-Domain Routing, an IP addressing scheme. A CIDR IP address looks like a normal IP address except that it ends with a slash followed by a number, called the IP network prefix. CIDR addresses reduce the size of routing tables and make more IP addresses available within organizations.

For example, we could express the idea that the IP address 192.168.0.11 is associated with the netmask 255.255.255.0 by using the CIDR notation of 192.168.0.11/24. This means that the first 24 bits of the IP address given are considered significant for the network routing.

📘

Firewall rules in Redis™ are added by specifying IP CIDRs. These can be added at the cluster level or account level.

Cluster Level Firewall Rules

Firewall rules can be added at the deployment level. These rules will only be applied on a per-deployment basis.

Step 1: Open the Firewall Modal

Navigate to the details page and click on the Firewall Rules option

1095

Cluster Details Page

768

Firewall Rules Modal

🚧

Please note that the Firewall Rules functionality is only available for deployments that are open to the internet

Step 2: Add Firewall Rules (IP CIDRs)

Once the modal is opened up, you can add Firewall Rules in the form of IP CIDRs. Only these IPs will be allowed access to the deployment.

764

Cluster Level Firewall Rules

📘

0.0.0.0/0 not recommended

Please note that opening your Redis™ deployment to the internet is not suggested. If you want, you can still add 0.0.0.0/0 to the rules list

765

Step 3: Configure

After you have entered the list of IP CIDRs that will be allowed access to the deployment, click on Configure. This will push the rules to the deployment and apply them

📘

Make sure that you update all apps using this deployment to reflect the new access rules

Account Level Firewall Rules

You can also set up Account Level Firewall Rules. These will be pushed to all deployments in your account irrespective of database type.

The advantage of using Account level rules is that you don’t have to repeat the same firewall rules per deployment.

Step 1: Navigate to Settings

To get started, go to Settings > Global rules > Firewall rules

745

Account Level Firewall Rules

Step 2: Add account level IP CIDRs

Similar to adding IP CIDRs for deployment level, we can add IP CIDRs for account level as well

1288

Step 3: Save

Once all your IP CIDRs have been added, click the Save button to save the firewall rules.

Step 4: Configure Rules

Note that these rules have still not applied yet. To do so, go to your Redis™ deployment(s), open the Firewall Modal and press Configure to push the rules to the deployment.

🚧

If you have a lot of deployments, you will have to individually go to each deployment and configure the account level rules

Once the Firewall Rules have been applied, you should see a green check on the Firewall Rules option on the Cluster Details page.

216

Firewall rules enabled

* Redis is a trademark of Redis Labs Ltd. Any rights therein are reserved to Redis Labs Ltd. Any use by ScaleGrid is for referential purposes only and does not indicate any sponsorship, endorsement or affiliation between Redis and ScaleGrid.