How do you secure Redis (AUTH, TLS, network isolation, no public exposure)?
Databases & Caching · Advanced level
Answer
Redis security starts with private networking, no public exposure, security groups, TLS, AUTH or ACLs, least-privilege users, secret rotation, and blocking dangerous commands for application users.
Technical explanation
Network isolation is the first control: Redis should not be public.
AUTH/ACLs limit what application users can do, including blocking admin commands.
TLS, secret rotation, security groups, and private subnets complete the baseline.
Hands-on example
Security baseline:
- Private subnets only.
- Security group allows 6379 only from app SG.
- Transit encryption enabled.
- App ACL allows GET/SET but denies FLUSHALL/CONFIG.
- Secret stored in Secrets Manager and rotated.
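The ACL item in this baseline can be checked rather than assumed. The following is an added example, not part of the original answer: it parses `ACL LIST` output and flags enabled users that have no password or can still run FLUSHALL or CONFIG. The user names, the sample lines and the reduced category map are assumptions made for illustration.

```python
# Added example. Assumption: reduced category map for the commands the page names.
CATEGORIES = {
    "get": {"read", "string", "fast"},
    "set": {"write", "string", "slow"},
    "flushall": {"keyspace", "write", "slow", "dangerous"},
    "config": {"admin", "slow", "dangerous"},
}
MUST_DENY = ("flushall", "config")

def allowed_commands(rules):
    """Apply command rules left to right, as Redis does; later rules win."""
    state = {cmd: False for cmd in CATEGORIES}
    for rule in rules:
        rule = {"allcommands": "+@all", "nocommands": "-@all"}.get(rule, rule)
        if rule[0] not in "+-":
            continue  # flags, passwords, key and channel patterns
        grant, name = rule[0] == "+", rule[1:].lower()
        for cmd, cats in CATEGORIES.items():
            if name.startswith("@"):
                hit = name == "@all" or name[1:] in cats
            else:
                # "+config|get" opens part of CONFIG; "-config|get" does not close it
                hit = name.split("|")[0] == cmd and (grant or "|" not in name)
            if hit:
                state[cmd] = grant
    return state

def audit_acl(acl_lines):
    """Return {user: [findings]} for every enabled user in ACL LIST output."""
    report = {}
    for line in acl_lines:
        parts = line.split()
        if len(parts) < 3 or parts[0] != "user":
            continue
        name, rules = parts[1], parts[2:]
        if [r for r in rules if r in ("on", "off")][-1:] != ["on"]:
            continue  # disabled users cannot authenticate
        state = allowed_commands(rules)
        findings = ["no password (nopass)"] if "nopass" in rules else []
        findings += [f"can run {c.upper()}" for c in MUST_DENY if state[c]]
        report[name] = findings
    return report

# Constructed sample input; user names and the password hash are placeholders.
SAMPLE = [
    "user default on nopass ~* &* +@all",
    "user app on #<sha256-placeholder> ~app:* resetchannels -@all +get +set",
    "user ops on #<sha256-placeholder> ~* +@all -@dangerous +config|get",
]
```

An empty findings list for the application user means its ACL matches the baseline; the `ops` line shows how a later `+config|get` reopens part of CONFIG after `-@dangerous`.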