Azure Redis Cache Enhanced Security And Network Isolation

In this article, we will learn how to configure an enhanced security for Azure Redis Cache by isolating the access to Redis Cache within the Virtual Network (VNET).

By this time, you must have had a chance to read the articles, mentioned below.

  1. Azure Redis Cache – Introduction
  2. Azure Redis Cache Configure Data Persistence

Azure provides the three tiers, mentioned below, for Redis Cache.

  1. Basic
  2. Standard
  3. Premium

Premium tier provided the multiple additional features. In this article, we will learn how to configure an enhanced security for Azure Redis Cache by isolating the access to Redis Cache within the Virtual Network (VNET). You can learn more about VNET in one of my previous articles Azure - How to build Virtual network (VNet) and its components.

Please note that, by default, all the three tiers provide the security to the Azure Redis Cache Service by securing the access to the clients with the valid keys. At any point of time, if you feel that these keys are compromised, you can regenerate the keys to make the old keys invalid.

However, if you would like to provide an enhanced security and do not want to provide an access to the public internet, you can provide network isolation and make sure that Azure Redis cache is only accessible to the Services that are internal to the VNET. Let’s see how to implement it.

Please navigate to Azure Management portal and click Add, as shown below.



You will be taken to the New Redis Cache blade, as shown below.



You must choose one of the available Premium Tiers. In this example, I have selected P1 Premium tier. Once you select the required tier, click Select. The next step is to configure the Virtual Network in which you would like to host and use the Redis Cache.

Please note the following.

  • You can configure Virtual Network only while creating the Azure Redis Cache. You cannot assign a network after it is created.
  • You can configure only VNET located in the same data center (location) as with the Azure Redis Cache.
  • Please make sure that you are selecting an empty Subnet within the selected VNET. You can host the Azure Redis Cache in an empty subnet. You cannot even host other Services in this subnet later.

As shown below, select the Virtual Network in which you would like to create Azure Redis Cache.



Once you select the required Virtual Network, you would see the subnets available within the selected VNET, as shown below.

Please select the Subnet and provide an IP Address, as shown below.



Now, click OK to create the Azure Redis Cache with an enhanced security by provisioning the Service within a VNET, so that only the Services within VNET can access Azure Redis Cache.



We have created Azure Redis Cache in a Virtual Network that provides an enhanced security.

Summary

In this article, we learned the following.

  • How to provide an enhanced security for an Azure Redis Cache.
  • Prerequisites of configuring Azure Redis Cache in a VNET.

I hope you enjoyed reading the article. Your feedback is appreciated. You can read the original article here.