Enable password-free access - User Guide| Alibaba Cloud Documentation Center

ApsaraDB for Redis allows you to enable password-free access for an instance that is deployed in a virtual private cloud (VPC). This mode provides a secure and convenient method to connect to an ApsaraDB for Redis instance. To enable password-free access, make sure that the client and the ApsaraDB for Redis instance are deployed within the same VPC. This way, the client can access the ApsaraDB for Redis instance without the need to use a password. After password-free access is enabled, you can still use a username and a password to connect to the ApsaraDB for Redis instance.

Prerequisites

The instance is an instance of ApsaraDB for Redis Community Edition or a performance-enhanced, persistent memory-optimized, or hybrid-storage instance of ApsaraDB for Redis Enhanced Edition (Tair).
The instance is deployed in a VPC.

Note If the network type of the instance is classic network, you must change the network type to VPC. For more information, see Change the network type from classic network to VPC.

Usage notes

By default, after you enable password-free access for an ApsaraDB for Redis instance, you can use the default account to connect to the instance. The username of the default account is the same as the instance ID, such as r-bp1zxszhcgatnx****. The default account has read and write permissions on the instance.
To ensure security, the system still requires a password when you connect to an ApsaraDB for Redis instance by using a public endpoint.

Note If you fail to connect to an ApsaraDB for Redis instance by using a public endpoint, update the instance to the latest minor version. For more information, see Upgrade the minor version.
By default, the #no_loose_check-whitelist-always parameter of an ApsaraDB for Redis instance is set to no. This way, after password-free access is enabled, clients in the same VPC can directly connect to the instance. You do not need to add the IP addresses of the clients to a whitelist of the instance. For more information, see Modify the parameters of an ApsaraDB for Redis instance.

Note If (error) ERR illegal address is displayed when you run commands after you connect to an ApsaraDB for Redis instance, you can set the #no_loose_check-whitelist-always parameter to yes or add the IP addresses of the clients to a whitelist of the instance.

Procedure

Log on to the ApsaraDB for Redis console.
In the top navigation bar of the page, select the region where the instance is deployed.
On the Instances page, click the ID of the instance.
On the right side of Connection Information, click Enable Password-free Access.

Figure 1. Enable password-free access
In the message that appears, read the content and click OK.
After you refresh the page, the Enable Password-free Access button changes to Disable Password-free Access. You can click this button to disable password-free access.

Note If password-free access is disabled for an ApsaraDB for Redis instance, the clients that use password-free access to connect to the instance can no longer access the instance. To make sure that the clients can still connect to the instance after password-free access is disabled, you must configure the clients to use a username and a password for authentication.

Password-free connection example

In this example, redis-cli is used. After you enable password-free access, run the redis-cli -h <host> -p <port> command to connect your client to an ApsaraDB for Redis instance without a password. For example, you can enter redis -h r-bp10noxlhcoim2****.redis.rds.aliyuncs .com -p 6379.

For more information, see Use redis-cli.

Related operations


Operation	Description
ModifyInstanceVpcAuthMode	Enables or disables password-free access for an ApsaraDB for Redis instance that is deployed in a VPC.