In-transit encryption (TLS) in MemoryDB - Amazon MemoryDB for Redis

In-transit encryption (TLS) in MemoryDB

To help keep your data secure, MemoryDB for Redis and Amazon EC2 provide mechanisms to guard against unauthorized access of your data on the server. By providing in-transit encryption capability, MemoryDB gives you a tool you can use to help protect your data when it is moving from one location to another. For example, you might move data from a primary node to a read replica node within a cluster, or between your cluster and your application.

In-transit encryption overview

MemoryDB for Redis in-transit encryption is a feature that increases the security of your data at its most vulnerable points—when it is in transit from one location to another.

MemoryDB in-transit encryption implements the following features:

  • Encrypted connections—both the server and client connections are Secure Socket Layer (SSL) encrypted.

  • Encrypted replication—data moving between a primary node and replica nodes is encrypted.

  • Server authentication—clients can authenticate that they are connecting to the right server.

For more information on connecting to MemoryDB clusters, see Connecting to MemoryDB nodes using redis-cli.

See also