Skip to content

Redis Cloud Credentials

Service Name: Redis Cloud

Service Description: Redis Cloud is a fully-managed cloud service for Redis, offering high availability, scalability, and performance for Redis databases. It provides enterprise-grade Redis deployments with automatic failover, backups, and monitoring capabilities.

Service Address: https://redis.com/redis-enterprise-cloud/overview/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the database level through Redis Cloud's security settings.

Secret Access Scope: Grants programmatic access to Redis Cloud management API, allowing users to create, modify, and manage Redis databases, view account information, and perform administrative operations.

Secret Revokement URL: https://app.redislabs.com/#/account

Secret Example: REDIS_CLOUD_API_KEY=abcd1234-5678-90ef-ghij-klmnopqrstuv

Suspicious Activity Investigation Instructions:

  • Review Redis Cloud audit logs for unusual API calls or database access patterns

  • Check for unauthorized database creation or modification

  • Monitor for unexpected changes to database configurations

  • Look for unusual traffic patterns or connection attempts from unfamiliar IP addresses

  • Verify if there are any unexpected users added to your Redis Cloud account

Mitigation Instructions:

  • Log in to the Redis Cloud console at https://app.redislabs.com/

  • Navigate to the Account settings section

  • Locate the API Keys management area

  • Delete the compromised API key

  • Generate a new API key if needed

  • Update any legitimate applications or services with the new key

  • Review and update IP allowlists to restrict access to trusted IPs only

  • Enable multi-factor authentication for all users with access to Redis Cloud

  • Review database access permissions and remove any unnecessary access