You can protect your Memorystore for Redis Cluster instances using VPC Service Controls.
VPC Service Controls protect against data exfiltration and provide an extra layer of security for your instances. For more information about VPC Service Controls, see Overview of VPC Service Controls.
Once the Memorystore for Redis Cluster API is protected by your service perimeter, Memorystore for Redis Cluster API requests coming from clients outside of the perimeter must have the proper access level rules.
Protecting your Redis instances using VPC Service Controls
Add the Memorystore for Redis Cluster API to your service perimeter. For instructions on adding a service to your service perimeter, see Updating a service perimeter.
Configuration requirements
If you use both Shared VPC and VPC Service Controls, you must have the host project that provides the network and the service project that contains the Redis instance inside the same perimeter in order for Redis requests to succeed. Otherwise, requests between the service project instance and the host project network are blocked by the VPC Service Controls service perimeter.
At any time, separating the host project and service project with a perimeter can cause a Redis instance failure, in addition to blocked requests.