Skip to content

Commit 3a5df00

Browse files
committed
Block public endpoints page
1 parent 0436b66 commit 3a5df00

File tree

1 file changed

+53
-0
lines changed

1 file changed

+53
-0
lines changed
Lines changed: 53 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,53 @@
1+
---
2+
Title: Block public endpoints
3+
alwaysopen: false
4+
categories:
5+
- docs
6+
- operate
7+
- rc
8+
description: Learn how to block the public endpoints of your databases.
9+
weight: 40
10+
---
11+
12+
By default, you can connect to Redis Cloud databases through the database's public endpoint, or through the database's private endpoint with a private connectivity method.
13+
14+
Public endpoints are accessible from the public internet and don't require a private connectivity method. While this makes Redis Cloud databases convenient to use, it also exposes the databases to potential unauthorized access or brute force attacks, even with a database password in place. Some organizations may want to block public access to their databases to comply with security policies or to better meet stringent compliance standards.
15+
16+
Users with Redis Cloud Pro databases can choose to block public endpoints for all databases in their subscription.
17+
18+
## Block public endpoints
19+
20+
You can block public endpoints for a subscription for a [new subscription](#new-subscription) or an [existing subscription](#existing-subscription).
21+
22+
### New subscription
23+
24+
To block the public endpoints when you [create a new Pro subscription]({{< relref "/operate/rc/databases/create-database/create-pro-database-new" >}}):
25+
26+
1. Follow the instructions to [create a Pro database with custom settings]({{< relref "/operate/rc/databases/create-database/create-pro-database-new#custom-settings" >}}).
27+
1. On the **Setup** tab, go to **Advanced options > Security** to select persistent storage encryption options.
28+
1. Select **Block public endpoint** to block the public endpoint for all databases on the subscription.
29+
1. Select **Continue** to go to the [Sizing tab]({{< relref "/operate/rc/databases/create-database/create-pro-database-new#sizing-tab" >}}). Follow the instructions to provision your database(s).
30+
31+
After you block the public endpoints for a new subscription, you will need to set up a [private connectivity method](#private-connectivity-methods) to connect to your databases.
32+
33+
### Existing subscription
34+
35+
For existing subscriptions, we recommend setting up a [private connectivity method](#private-connectivity-methods) to connect to your databases before blocking the private endpoint and migrating all connections to the private endpoint.
36+
37+
To block the public endpoints of an existing Pro subscription:
38+
39+
1. From the [Redis Cloud console](https://cloud.redis.io/), select the **Subscriptions** menu and then select your subscription from the list.
40+
1. Open the **Security** tab to view security settings.
41+
1. In the **Endpoint** section, select **Edit**.
42+
1. Select **Block public endpoint**.
43+
1. Select **Save** to save your changes.
44+
1. A window will appear asking you to confirm that blocking the public endpoint will reject clients connecting to the public endpoint. Select **I understand** and then **Block** to confirm.
45+
46+
After your changes are saved, any incoming connections to the public endpoint of your database will be rejected.
47+
48+
## Private connectivity methods
49+
50+
Redis Cloud supports the following private connectivity options:
51+
- [VPC peering]({{< relref "/operate/rc/security/vpc-peering" >}})
52+
- [Google Cloud Private Service Connect]({{< relref "/operate/rc/security/private-service-connect" >}}) _(Google Cloud only)_
53+
- [AWS Transit Gateway]({{< relref "/operate/rc/security/aws-transit-gateway" >}}) _(AWS only)_

0 commit comments

Comments
 (0)