Skip to main content

Tunneled Redis Connections

Redis is a popular in-memory data structure store. It can be run locally or configured as a single or distributed standalone service.

Long-lived connections behavior

When you create a TCP or Websocket connection, Pomerium validates the access policy at the time the connection is made.

Currently, there is no mechanism in place to terminate long-running connections if a policy becomes invalid.

tip

This example assumes you've already created a TCP route for this service.

Basic Connection

  1. Create a TCP tunnel, using either pomerium-cli or the Pomerium Desktop client:

    pomerium-cli tcp redis.corp.example.com:6379 --listen :6379
    --listen

    The --listen flag is optional. It lets you define what port the tunnel listens on locally. If not specified, the client will choose a random available port.

  2. Initiate your Redis connection, pointing to localhost:

    redis-cli -h localhost -p 6379

This demonstrates access to a Redis server through Pomerium from the redis-cli tool. Pomerium Enterprise users can utilize Service Accounts to enable secure machine-to-machine communication of Redis services.

More Resources