Encryption at rest
Redis Cloud databases write their data to disk whenever persistence is enabled. For deployments on GCP and Azure, this data is always encrypted by default. For AWS, all pre-configured subscriptions encrypt data by default. For custom Redis Cloud Pro subscriptions, see the documentation below for how to enable encryption.
Disk encryption on AWS
Almost all deployments of Redis Cloud Essentials, Pro, and Ultimate enable encryption by default. The one exception to this rule is custom plans. See below for how to enable encryption on these plans.
Enabling encryption for custom Redis Cloud Pro subscriptions
If you’re creating a custom Redis Cloud Pro subscription, then you need to make sure that you enable encryption. You create a customer subscription when you select Build a Plan, as seen here:
This will take you to the Create Customer Subscription screen:
From here, scroll down to where it says Advanced Options, and ensure that the Persistent Storage Encryption slider is set to Yes:
Once this is set, all databases created from this subscription will use encrypted volumes to store their persistent data.
Disk encryption on GCP
All data written to disk on GCP-based Redis Cloud deployments is encrypted by default. When deloying a Redis Cloud database on GCP, you don’t need to take any actions to enable this encryption.
To learn more, see the GCP encryption at rest documentation.
Disk encryption on Azure
All data written to disk on Azure-based Redis Cloud deployments is encrypted by default. When deloying a Redis Cloud database on Azure, you don’t need to take any actions to enable this encryption.
To learn more, see the Azure encryption at rest documentation.