Redis Public and Any IP Access Check

ID: rule:aliyun:redis-public-and-any-ip-access-check
Severity: high

Description

Ensures that Redis instances do not have public access enabled or an open whitelist.

Reason for Violation

Public access to Redis is a severe security risk, as it is often targets for brute force attacks and data theft.

Recommendation

Disable public connection for the Redis instance and restrict access via IP whitelists.

Resource Types

• ALIYUN::REDIS::Instance