Create roles with combined access

Create roles with both cluster and database access.

Redis Enterprise Software

To create a role that grants database access privileges and allows access to the Cluster Management UI and REST API:

Define Redis ACLs that determine database access privileges.
Create a role with ACLs added and choose a Management role other than None.

Define Redis ACLs

You can use the Cluster Manager UI or the REST API to define Redis ACL rules that you can assign to roles.

Cluster Manager UI REST API

To define a Redis ACL rule using the Cluster Manager UI:

From Access Control > Roles > Data ACLs, you can either:
- Select an existing Redis ACL from the list to edit it.
- Click + Add Redis ACL to create a new Redis ACL.
Enter a descriptive name for the Redis ACL. This will be used to associate the ACL rule with the role.
Define the ACL rule. For more information about Redis ACL rules and syntax, see the Redis ACL overview.
Click Save.

To define a Redis ACL rule using the REST API, use a create Redis ACL request. For more information about Redis ACL rules and syntax, see the Redis ACL overview.

Example request:

POST /v1/redis_acls
{ 
  "name": "Test_ACL_1",
  "acl": "+@read +FT.INFO +FT.SEARCH"
}

Example response body:

{ 
  "acl": "+@read +FT.INFO +FT.SEARCH",
  "name": "Test_ACL_1",
  "uid": 11
}

To associate the Redis ACL with a role and database, use the uid from the response as the redis_acl_uid when you add roles_permissions to the database.

Note:

For multi-key commands on multi-slot keys, the return value is failure, but the command runs on the keys that are allowed.

Create roles with ACLs and cluster access

You can create a role that grants database access privileges and allows access to the Cluster Management UI and REST API.

Cluster Manager UI REST API

To define a role for combined access using the Cluster Manager UI:

From Access Control > Roles, you can:
- Select a role from the list of existing roles to edit it.
- Click + Add role to create a new role.
Enter a descriptive name for the role. This will be used to reference the role when configuring users.
Choose a Management role other than None. For details about permissions granted by each role, see Cluster Manager UI permissions and REST API permissions.
Click + Add ACL.
Choose a Redis ACL and databases to associate with the role.
Click the check mark to confirm.
Click Save.

To define a role for combined access using the REST API:

Use a create role request:

POST /v1/roles
{ 
  "name": "<role-name>",
  "management": "db_viewer | db_member | cluster_viewer | cluster_member | admin" 
}

Example response body:

{ 
  "management": "admin",
  "name": "<role-name>",
  "uid": 7
}

To associate the role with a Redis ACL and database, use the uid from the response as the role_uid when you add roles_permissions to the database.

Update a database's configuration to add roles_permissions with the role and Redis ACL:

POST /v1/bdbs/<database-id>
{
  "roles_permissions":
  [
    {
      "role_uid": <integer>,
      "redis_acl_uid": <integer>
    }
  ]
}

You can assign the new role to users to grant database access and access to the Cluster Manager UI and REST API.

Products

Tools

Get Redis

Connect

Learn

Latest

See how it works

Create roles with combined access

Define Redis ACLs

Create roles with ACLs and cluster access

On this page