Skip to main content
__wf_reserved_inherit

ElasticCache: Redis on AWS

Introduction

To deploy the GitGuardian app, a Redis instance is required. This page is dedicated to helping you set up a Redis on AWS using ElasticCache.

Note: The GitGuardian application is bundled with a basic Redis. This Redis can be used for testing but is not meant to be production-ready.

High-Availability

AWS handles failover by updating a DNS record. This creates a small window where the GitGuardian application will use the ReadOnly replica in case of maintenance.

Installation

From the AWS Console

To create an ElasticCache from the AWS Console, we recommend reading the official documentation.

You need to set the following fields:

  • Ensure Multi-AZ is enabled.
  • Enable Encryption at-rest.
  • Enable Encryption in-transit.
  • Set Access Control Option to Redis AUTH Default User.
  • Set Redis AUTH Token to <SECRET_AUTH_TOKEN>. You must save this value as it is required to configure the GitGuardian application.

Do not enable Cluster Mode, this option is not supported by the GitGuardian application.

Using Terraform

To create a Redis instance using TF, you need the following resources:

In addition to the fields required by Terraform, we require the following fields to be set:

  • transit_encryption_enabled=true: whether to enable encryption in transit.
  • auth_token=<SECRET_AUTH_TOKEN>: the password used to access a password-protected server.
  • at_rest_encryption_enabled=true: whether to enable encryption at rest.
  • automatic_failover_enabled=true: specifies whether a read-only replica will be automatically promoted to read/write primarily if the existing primary fails.
  • multi_az_enabled=true: specifies whether to enable Multi-AZ Support for the replication group.
__wf_reserved_inherit__wf_reserved_inherit

Something we didn’t cover?

__wf_reserved_inherit

See our Roadmap

__wf_reserved_inherit

Subscribe on GitHub

__wf_reserved_inherit

Submit a request

__wf_reserved_inherit

API status