Tyk Gateway support for Redis ACL


we at MOIA Hamburg are using Tyk Gateway (Tyk OSS), deployed in Kubernetes, with AWS ElastiCache Redis.

AWS ElastiCache Redis is supporting RBAC, which is build on top of native Redis ACL:

We want to have that RBAC feature to resrict access to Redis cluster only to dedicated actors (Tyk Gateway && Tyk Pump pods, dedicated platform engineer teams) (any possible have more fine grained ACL control).

Currently Tyk Gateway does not seem to support AWS Redis RBAC / Redis ACL. The only way to secure Redis access via password seems to be using Redis Bitnami.

Is supporting AWS Redis RBAC / Redis ACL on Your roadmap? What else possibilities to make RBAC for Redis can You maybe point out?

Thank You and best Regards,
Vagharshak Baghdasaryan

@bwagh99 Hello and welcome to the community :partying_face:

Thank you for reaching out with your feature request and roadmap inquiry! We truly appreciate your interest in our product and are grateful for your feedback.

I will share your input with our development team for consideration in future updates. I or a colleague will follow up to discuss your request.

@Olu Hello and small update from my side.

I tried today to set Redis password via global.redis.pass setting in the Tyk Gateway Deployment. That is working with AWS ElastiCache Redis AUTH (if I setup Redis AUTH token to have the same value, as global.redis.pass, Tyk Gateway can connect to Redis, otherwise no).

BUT: Redis AUTH is already has been superseded by Role-Based Access Control, as per AWS official docu.

So, in summary, altough Tyk currently supports Redis AUTH with AWS ElastiCache, it would be nice, if it could support its “successor” - the Redis RBAC, as wroten in my first post.