Enable password-free access for a VPC - User Guide| Alibaba Cloud Documentation Center

ApsaraDB for Redis allows you to enable password-free access for a virtual private cloud (VPC). This mode provides a secure and convenient method to connect to an ApsaraDB for Redis instance. To enable password-free access, make sure that the client and ApsaraDB for Redis instance are deployed within the same VPC. This way, the client can access the ApsaraDB for Redis instance without the need to use a password. After password-free access is enabled, you can still use the username and password to connect to the ApsaraDB for Redis instance.

Prerequisites

The instance runs in a VPC.

Note If the network type of the instance is classic network, you must change the network type to VPC. For more information, see Switch to VPC network.

Precautions

By default, after password-free access is enabled, you can use the account whose username is set to the instance ID, for example, r-bp1zxszhcgatnx****, to connect to the ApsaraDB for Redis instance. This account has read and write permissions on the instance.
To ensure security, the password is still required when you connect to an ApsaraDB for Redis instance by using a public endpoint.

Note If you fail to connect to an ApsaraDB for Redis instance by using a public endpoint, upgrade the minor version of the instance to the latest version. For more information, see Upgrade the minor version.
By default, the #no_loose_check-whitelist-always parameter of the instance is set to no. This way, after password-free access is enabled, clients in the same VPC can directly connect to the ApsaraDB for Redis instance. You do not need to add the IP addresses of the clients to the whitelist of the ApsaraDB for Redis instance. For more information, see Parameters overview.

Note If you run commands after connections are established, and (error) ERR illegal address is prompted, you can set the #no_loose_check-whitelist-always parameter to yes or add the IP addresses of the clients to the whitelist of the ApsaraDB for Redis instance.

Procedure

Log on to the ApsaraDB for Redis console.
On the top of the page, select the region where the instance is deployed.
On the Instance List page, click the Instance ID of the instance.
On the right side of Connection Information, click Enable Password-free Access.

Figure 1. Enable password-free access
In the message that appears, read the content and click OK.
After you refresh the page, the Enable Password-free Access button changes to Disable Password-free Access. You can click this button to disable password-free access.

Note If password-free access is disabled, clients that are connected to the ApsaraDB for Redis instance can no longer access the instance. To make sure that clients can connect to the instance when password-free access is disabled, you must set the clients to use the username and password to authenticate to the instance.

Password-free connection example

In this example, the Redis command line interface redis-cli is used. After you enable password-free access, enter the redis-cli -h <host> -p <port> command to connect to your client without a password, such as redis -h r-bp10noxlhcoim2****.redis.rds.aliyuncs .com -p 6379.

For more information, see Use redis-cli.

Related API operations


API operation	Description
ModifyInstanceVpcAuthMode	Specifies whether to enable password-free access for a VPC.