ApsaraDB for Redis is a database service that is compatible with the open source Redis protocol and supports a hybrid of memory and disks for storage. ApsaraDB for Redis supports the master-replica, cluster, and read/write splitting architectures. ApsaraDB for Redis provides comprehensive security hardening for network, storage, backup, and disaster recovery solutions to ensure data security.

For more information about security features, see the following topics:

Attack prevention

A distributed denial-of-service (DDoS) attack may occur when you access ApsaraDB for Redis over the Internet. Alibaba Cloud provides basic DDoS protection for free by monitoring and mitigating DDoS attacks in real time.

Note We recommend that you access ApsaraDB for Redis over an internal network to protect your ApsaraDB for Redis instances from DDoS attacks.

Access control

ApsaraDB for Redis implements multi-dimensional access control to ensure data security.

RAM

Alibaba Cloud provides Resource Access Management (RAM) to help you manage the permissions of RAM users on ApsaraDB for Redis instances that can be configured for RAM users. For more information, see What is RAM?

Whitelists

By default, ApsaraDB for Redis does not allow access from any IP addresses. To allow access from a client, you must add the IP address or CIDR block of the client to a whitelist of your ApsaraDB for Redis instance. This ensures service security. You can add up to 1,000 IP addresses or CIDR blocks to each whitelist of an ApsaraDB for Redis instance. For more information, see Step 2: Configure whitelists.

Database accounts and passwords

Database accounts and passwords are credentials used to access ApsaraDB for Redis instances. You can use the ApsaraDB for Redis console or the ApsaraDB for Redis API to create database accounts and manage read and write permissions of these accounts to implement access control. For more information, see Create and manage database accounts.

Network isolation

ApsaraDB for Redis supports access over the Internet and a virtual private cloud (VPC). We recommend that you use a VPC.

VPC

A VPC is a private network that is isolated from other networks at the network layer on top of physical-layer protocols. VPC provides high security, reliability, flexibility, scalability, and ease of use. For more information, see What is a VPC?

Internet (not recommended)

You can also apply for a public endpoint for your ApsaraDB for Redis instance to access the instance over the Internet. For more information, see Apply for a public endpoint for an ApsaraDB for Redis instance. To improve security, you must add the IP address of a client to a whitelist of your ApsaraDB for Redis instance before the client can access the instance.

Data encryption

TLS

ApsaraDB for Redis supports the Transport Layer Security (TLS) protocol to provide higher data security. Compared with the SSL protocol, the TLS protocol provides better encryption technologies and enhanced security. For more information, see Enable TLS encryption.

TDE

ApsaraDB for Redis provides Transparent Data Encryption (TDE) to encrypt and decrypt Redis Database (RDB) files based on customer master keys (CMKs). TDE encrypts RDB files before they are written to disks and decrypts RDB files when they are read from disks to the memory. This ensures that RDB files are encrypted in all required scenarios such as backup and full synchronization of data between master and replica nodes, and thus improves data security. TDE does not increase the sizes of RDB files. When you use TDE, you do not need to modify your client. For more information, see Enable TDE.

Backup and restoration

ApsaraDB for Redis provides multiple backup methods to persist and restore data.

Data backup

ApsaraDB for Redis provides the following data persistence policies:
  • RDB persistence: ApsaraDB for Redis creates snapshots on a regular basis for the data stored in the engine storage, generates RDB files, and then saves the files to disks. RDB files are small in size and easy to migrate. You can use RDB files to back up or migrate ApsaraDB for Redis data of a specified point in time. By default, ApsaraDB for Redis generates RDB snapshots on a daily basis and retains the snapshots for seven days. For more information, see Automatic or manual backup.
    Note If you want to retain RDB files for more time for the sake of regulatory compliance or data security, download the files to your computer. For more information, see Download a backup file.
  • Append-only file (AOF) persistence: ApsaraDB for Redis records all write commands such as SET in logs. When you restart an ApsaraDB for Redis instance, the system reruns the commands in the AOFs to restore data. By default, the AOF_FSYNC_EVERYSEC policy is specified for ApsaraDB for Redis instances. This policy enables AOF persistence for the instances. After this policy is specified, the system records all write commands in an AOF every second and saves the AOF to disks. The policy has an insignificant impact on performance and can minimize data loss caused by accidental operations. For more information about how to disable AOF persistence, see Disable AOF persistence.

Data restoration

  • Restore data from a backup set to a new instance: ApsaraDB for Redis allows you to create an instance from a specified backup set. The data in the new instance is the same as that in the backup set. This feature is suitable for scenarios such as data restoration, quick workload deployment, and data verification.
  • Use data flashback to restore data by point in time: ApsaraDB for Redis Enhanced Edition (Tair) provides the data flashback feature in addition to the data backup and restoration features based on RDB snapshots. Enhanced Edition (Tair) optimizes the persistence mechanism based on AOFs and incrementally archives AOFs. This prevents AOF rewrite from degrading instance performance and retains every write operation and its timestamp. This way, all or specific keys of an instance can be restored to a point in time accurate to seconds. After the data flashback feature is enabled for an instance, you can restore data of the instance to a specified point in time accurate to seconds to prevent data loss caused by accidental operations to the greatest extent. This feature is suitable for scenarios in which data is frequently restored.

Disaster recovery

Zone-disaster recovery solution

ApsaraDB for Redis standard instances and cluster instances support zone-disaster recovery across two data centers within a single region. If your workloads are deployed in a single region and have high requirements for disaster recovery, you can select the zones that support zone-disaster recovery when you create an ApsaraDB for Redis instance. For more information, see Step 1: Create an ApsaraDB for Redis instance.
Figure 1. Create a zone-disaster recovery instance
Create a zone-disaster recovery instance

When you create a zone-disaster recovery instance, the master node and replica node with the same specifications are deployed in different zones. The master node synchronizes data to the replica node through a dedicated channel.

If a power failure or network error occurs on the master node, the replica node takes over the role of the master node. The system calls an API operation on the configuration server to update routing information for proxy servers. In addition, ApsaraDB for Redis provides an optimized Redis synchronization mechanism. Similar to global transaction identifiers (GTIDs) of MySQL, ApsaraDB for Redis uses global operation identifiers (OpIDs) to indicate synchronization offsets and runs lock-free threads in the background to search for OpIDs. The system asynchronously synchronizes AOF binary logs (binlogs) from the master node to the replica node. You can throttle synchronization to ensure service performance.

Global Distributed Cache

Global Distributed Cache for ApsaraDB for Redis is an active geo-redundancy database system that is developed based on ApsaraDB for Redis. Global Distributed Cache for Redis supports business scenarios in which multiple sites in different regions provide services at the same time. It helps enterprises replicate the active geo-redundancy architecture of Alibaba. This feature provides the following benefits:
  • You can directly create child instances or specify the child instances that need to be synchronized without implementing redundancy in your application logic. This greatly reduces the complexity of application design and allows you to focus on application development.
  • The geo-replication capability is provided for you to implement geo-disaster recovery or active geo-redundancy.
For more information, see Overview.

Security audit

ApsaraDB for Redis provides audit logs based on Log Service. Audit logs include statistics such as log types, execution durations, database IDs, client IP addresses, usernames, command details, and extension information. For more information about Log Service, see What is Log Service? This feature allows you to query and analyze online operation logs (including logs about sensitive operations such as FLUSHALL, FLUSHDB, and DEL), slow query logs, and operational logs. This helps you gain insights into the security and performance of your ApsaraDB for Redis instances. For more information, see Enable the new audit log feature.