Menu
In Redis there is an authentication feature and also different databases are possible, but can these feature be combined in a secure way?
From MySQL I know that there is a user management with and multiple users can have multiple passwords and can have permissions for only one database.
For security reasons I'd like to have it similar in Redis, because currently I can use requirepass, but I have to add it to every application, which wants to connect to redis anyway. (Is there at least a way to use multiple passwords for requirepass?
And I can connect to one database with an application, but AFAIK this application could also just switch to another database. (Can I at least prevent this switch somehow?)
For performance reasons I want to avoid running multiple instances of redis in parallel.
310
I'll start at the end:
For performance reasons I want to avoid running multiple instances of redis in parallel.
Just the opposite in fact - since Redis is (mostly) single threaded, running multiple instances parallel is exactly how you get better server utilization and increased performance.
The Redis notion of databases (also known as shared databases or numbered databases) is different from than that of the SQL domain. Redis' databases are more like namespaces, and besides sharing the same thread they also share all the configuration - the authentication password included.
So the answer is no, you can't set a different password for each database. For more details on why you should prefer dedicated Redis databases refer to: https://redislabs.com/blog/benchmark-shared-vs-dedicated-redis-instances
68
From redis 6.0 we can achieve this with the help of ACL
ACL SETUSER user1 on >password +@all ~* -select +select|1
Further, you can use same command to be more restrictive, such as giving permission to certain prefix etc.
ACL SETUSER user1 on >password ~prefix.:* +@all
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
