Redis Cloud Credentials
Service Name: Redis Cloud
Service Description: Redis Cloud is a fully-managed cloud service for Redis, offering high availability, scalability, and performance for Redis databases. It provides enterprise-grade Redis deployments with automatic failover, backups, and monitoring capabilities.
Service Address: https://redis.com/redis-enterprise-cloud/overview/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the database level through Redis Cloud's security settings.
Secret Access Scope: Grants programmatic access to Redis Cloud management API, allowing users to create, modify, and manage Redis databases, view account information, and perform administrative operations.
Secret Revokement URL: https://app.redislabs.com/#/account
Secret Example: REDIS_CLOUD_API_KEY=abcd1234-5678-90ef-ghij-klmnopqrstuv
Suspicious Activity Investigation Instructions:
-
Review Redis Cloud audit logs for unusual API calls or database access patterns
-
Check for unauthorized database creation or modification
-
Monitor for unexpected changes to database configurations
-
Look for unusual traffic patterns or connection attempts from unfamiliar IP addresses
-
Verify if there are any unexpected users added to your Redis Cloud account
Mitigation Instructions:
-
Log in to the Redis Cloud console at
https://app.redislabs.com/ -
Navigate to the Account settings section
-
Locate the API Keys management area
-
Delete the compromised API key
-
Generate a new API key if needed
-
Update any legitimate applications or services with the new key
-
Review and update IP allowlists to restrict access to trusted IPs only
-
Enable multi-factor authentication for all users with access to Redis Cloud
-
Review database access permissions and remove any unnecessary access