Redis
Learn how to dynamically generate Redis Database user credentials.
The Infisical Redis dynamic secret allows you to generate Redis Database credentials on demand based on configured role.
Prerequisite
Create a user with the required permission in your Redis instance. This user will be used to create new accounts on-demand.
Set up Dynamic Secrets with Redis
Open Secret Overview Dashboard
Open the Secret Overview dashboard and select the environment in which you would like to add a dynamic secret.
Click on the 'Add Dynamic Secret' button
Select 'Redis'
Provide the inputs for dynamic secret parameters
Name by which you want the secret to be referenced
Default time-to-live for a generated secret (it is possible to modify this value after a secret is generated)
Maximum time-to-live for a generated secret.
The database host, this can be an IP address or a domain name as long as Infisical can reach it.
The database port, this is the port that the Redis instance is listening on.
Redis username that will be used to create new users on-demand. This is often ‘default’ or ‘admin’.
Password that will be used to create dynamic secrets. This is required if your Redis instance is password protected.
A CA may be required if your DB requires it for incoming connections. This is often the case when connecting to a managed service.
(Optional) Modify Redis Statements
If you want to provide specific privileges for the generated dynamic credentials, you can modify the Redis statement to your needs. This is useful if you want to only give access to a specific table(s).
Click `Submit`
After submitting the form, you will see a dynamic secret created in the dashboard.
If this step fails, you may have to add the CA certificate.
Generate dynamic secrets
Once you’ve successfully configured the dynamic secret, you’re ready to generate on-demand credentials. To do this, simply click on the ‘Generate’ button which appears when hovering over the dynamic secret item. Alternatively, you can initiate the creation of a new lease by selecting ‘New Lease’ from the dynamic secret lease list section.
When generating these secrets, it’s important to specify a Time-to-Live (TTL) duration. This will dictate how long the credentials are valid for.
Ensure that the TTL for the lease fall within the maximum TTL defined when configuring the dynamic secret.
Once you click the Submit
button, a new secret lease will be generated and the credentials from it will be shown to you.
Audit or Revoke Leases
Once you have created one or more leases, you will be able to access them by clicking on the respective dynamic secret item on the dashboard. This will allow you to see the expiration time of the lease or delete a lease before it’s set time to live.
Renew Leases
To extend the life of the generated dynamic secret leases past its initial time to live, simply click on the Renew button as illustrated below.
Lease renewals cannot exceed the maximum TTL set when configuring the dynamic secret
Was this page helpful?