ApsaraDB for Redis allows you to enable password-free access for instances that are deployed in a virtual private cloud (VPC). This feature provides a secure and convenient method to connect to an instance. After password-free access is enabled for an instance located in a VPC, clients within the same VPC can access the instance without using a password. Meanwhile, you can still use a username and a password to connect to the instance.
Prerequisites
Precautions
- After you enable password-free access for an instance, the default account is used to connect to the instance. The username of the default account is the same as the instance ID, such as r-bp1zxszhcgatnx****. The default account has read and write permissions on the instance.
- After password-free access is enabled for an instance, the system still prompts for
a password when you connect to the instance by using a public endpoint to enhance
security.
Note If you cannot connect to an instance by using a public endpoint, update the instance to the latest minor version. For more information, see Update the minor version.
- By default, the #no_loose_check-whitelist-always parameter of an instance is set to no. This way, after password-free access is enabled, clients within the same VPC can
directly connect to the instance without the need to add the IP addresses of the clients
to a whitelist of the instance. For more information, see Modify parameters of an instance.
Note
- If the
(error) ERR illegal address
error message is returned when you run commands on an instance that has password-free access enabled, the IP address of the client that you are using is not added to a whitelist of the instance.You can add the IP address to a whitelist of the instance. Alternatively, you can set #no_loose_check-whitelist-always to no. This way, the system does not check whether IP addresses are included in instance whitelists.
- The #no_loose_check-whitelist-always parameter cannot be specified for instances that use cloud disks. For more information, see Supported parameters.
- If the
Procedure
Connection example
The following code shows how to connect to an instance that has password-free access enabled:
redis-cli -h host -p port // Example: redis -h r-bp10noxlhcoim2****.redis.rds.aliyuncs.com -p 6379
JedisPoolConfig config = new JedisPoolConfig(); // Maximum number of idle connections allowed. You can set this parameter based on your needs. Make sure that the specified value does not exceed the maximum number of connections that the instance supports. config.setMaxIdle(100); // Maximum number of connections allowed. You can set this parameter based on your needs. Make sure that the specified value does not exceed the maximum number of connections that the instance supports. config.setMaxTotal(200); config.setTestOnBorrow(false); config.setTestOnReturn(false); // Replace the values of the host and port parameters with the endpoint and port number of the instance respectively. The password parameter is not required. String host = "r-bp10noxlhcoim2****.redis.rds.aliyuncs.com"; int port = 6379; JedisPool pool = new JedisPool(config, host, port); Jedis jedis = null; try { jedis = pool.getResource(); /// ... do stuff here ... for example jedis.set("foo", "bar"); System.out.println(jedis.get("foo")); jedis.zadd("sose", 0, "car"); jedis.zadd("sose", 0, "bike"); System.out.println(jedis.zrange("sose", 0, -1)); } finally { if(jedis != null) { // Close connections after each API operation is complete. To close a connection, release the connection to the connection pool instead of destroying the connection. jedis.close(); } } // Call only once when you exit. pool.destroy();
Related API operations
Operation | Description |
---|---|
ModifyInstanceVpcAuthMode | Enables or disables password-free access for an ApsaraDB for Redis instance that is deployed in a VPC. |
FAQ
- Q: Why does the
WRONGPASS invalid username-password pair
error message appear after I enabled password-free access for an instance deployed in a VPC?A: This error is returned because you use a Community Edition instance that runs Redis 6.0. If you use the instance and enter a wrong account password, the system returns this error. Enter the correct account password or left the account password field empty.Note The following section describes the password format:- If you use the default account whose username is the same as the instance ID, you can enter only the password.
- If you use a custom account, the account password follows the
<user>:<password>
format. Example:testaccount:Rp829dlwa
.