I’ll introduce considerations for deciding whether to enable or disable Redis TLS support.
Background Knowledge: Redis TLS Support
SSL/TLS support in Redis started from version 6.
TLS SupportSSL/TLS is supported by Redis starting with version 6 as an optional feature that needs to be enabled at compile time.
Quote from: TLS Support – Redis
Background: How to Decide Whether to Enable or Disable Redis TLS?
Thinking for Enabling Redis TLS
- Don't trust that "VPC internal networks are safe" and believe **"TLS should be used everywhere"**
- Zero Trust approach
This kind of thinking 🔒
Thinking for Disabling Redis TLS
- VPC internal networks are safe
- Since communication happens within the same VPC, there's no need to enable Redis TLS
This kind of thinking 🏠
That’s all from the Gemba.