ElasticCache: Redis on AWS
#
IntroductionTo deploy the GitGuardian app, a Redis instance is required. This page is dedicated to helping you set up a Redis on AWS using ElasticCache.
Note: The GitGuardian application is bundled with a basic Redis. This Redis can be used for testing but is not meant to be production-ready.
#
High-AvailabilityAWS handles failover by updating a DNS record. This creates a small window where the GitGuardian application will use the ReadOnly replica in case of maintenance.
#
Installation#
From the AWS ConsoleTo create an ElasticCache from the AWS Console, we recommend reading the official documentation.
You need to set the following fields:
- Ensure
Multi-AZ
is enabled. - Enable
Encryption at-rest
. - Enable
Encryption in-transit
. - Set
Access Control Option
toRedis AUTH Default User
. - Set
Redis AUTH Token
to<SECRET_AUTH_TOKEN>
. You must save this value as it is required to configure the GitGuardian application.
Do not enable Cluster Mode
, this option is not supported by the GitGuardian
application.
#
Using TerraformTo create a Redis instance using TF, you need the following resources:
In addition to the fields required by Terraform, we require the following fields to be set:
transit_encryption_enabled=true
: whether to enable encryption in transit.auth_token=<SECRET_AUTH_TOKEN>
: the password used to access a password-protected server.at_rest_encryption_enabled=true
: whether to enable encryption at rest.automatic_failover_enabled=true
: specifies whether a read-only replica will be automatically promoted to read/write primarily if the existing primary fails.multi_az_enabled=true
: specifies whether to enable Multi-AZ Support for the replication group.