AUTH feature overview

This page gives an overview of AUTH on Memorystore for Redis.

For instructions on creating a Redis instance with AUTH and other AUTH tasks, see Managing Redis AUTH.

For a list of the permissions required to perform AUTH management tasks, see Redis AUTH permissions.

For instructions on how to connect to a Redis instance with AUTH enabled, and test the AUTH feature, see Connecting to a Redis instance that uses AUTH.

AUTH behavior

When the optional AUTH setting is enabled, Redis refuses any new queries by any new clients that do not attempt to authenticate.

A connecting client starts by sending the AUTH command followed by the Redis instance's AUTH string. Every AUTH string is a Universally Unique Identifier (UUID). Each Redis instance with AUTH enabled has a unique AUTH string.

For Memorystore for Redis, the AUTH string is automatically generated after AUTH is enabled on the instance. The AUTH string is a randomly generated string of 36 characters that is exclusive to each Memorystore instance. The AUTH string is uniquely generated each time that AUTH is enabled. Therefore, the AUTH string can be changed if necessary by toggling AUTH from off to on.

Like every command, the AUTH command is sent unencrypted.

Security and privacy

AUTH helps you ensure that known entities in your organization do not unintentionally access and modify your Redis instance. AUTH does not provide security during data transportation. Also, AUTH does not protect your instance against any malicious entities that have access to your VPC network.

Make sure to limit access to your VPC network to known users and clients. See Redis security for additional details.

What's next

  • Perform common tasks associated with Redis AUTH
  • See the permissions required to perform Redis AUTH tasks.