Configuring DCS Redis ACL Users

Notes and Constraints

• By default, this function is supported by DCS Redis 4.0/5.0 instances.
• Temporarily, this function is restricted for DCS Redis 6.0 instances. To enable it, submit a ticket and contact customer service. If the instance is earlier than v6.2.10.4, upgrade the minor version. For details, see Upgrading Minor or Proxy Versions of a DCS Instance.
• Up to 18 users can be created for each instance.
• Currently, ACL users support read/write and read-only permissions.

Configuring DCS Redis ACL Users

1. Log in to the DCS console.
2. Click in the upper left corner of the console and select the region where your instance is located.
3. In the navigation pane, choose Cache Manager.
4. Click an instance.
5. Choose User Management in the navigation pane.

   The user whose username is default is the instance's default user. The default user has read and write permissions and their password is the instance's password.

6. Click Create User.
   

   A password-free Redis instance can only be accessed by the default user. Normal users are invalid. To use a normal user, click Reset Password in the row containing the default user to disable Password Protected for the default user.

7. In the displayed Create User dialog box, enter the username and password.
8. Select Read-only or Read/Write for permissions, and set the password and description.
9. (Optional) Read-only Routing can be selected for Proxy Cluster or read/write splitting instances.

   To forward read requests of a specified user to the master node, replica node, or master/replica node, select Master, Replica, or Master and replica. Alternatively, you can disable it.

   Figure 1 Selecting the read-only routing policy
   
   • This policy is available only when the instance proxy is 5.1.14.12 or later. To upgrade the proxy, see Upgrading Minor or Proxy Versions of a DCS Instance.
   • Read-only Routing is in restricted use. If the instance type and proxy version requirements are met, and this policy is not available on the console, submit a ticket and contact customer service to enable this function.
   • To configure a read-only routing policy for a Proxy Cluster instance, set parameter backend-master-only to no (read/write splitting is enabled). If the parameter is set back to yes after the user is created, the configured policy becomes invalid.
   • Parameter support-dispatch-to-replica-list is prior to the read-only routing policy of the ACL user on the read request forwarding. For details, see Read Request Processing Priority.

10. Click OK.
    Figure 2 User management
    

Connecting to an Instance as an ACL User

A normal ACL user connects to an instance with password {username:password}.

• When using redis-cli to connect to an instance, the default user runs the following command:

  ./redis-cli -h {dcs_instance_address} -p 6379 -a {password}

• A normal ACL user runs the following command:

  ./redis-cli -h {dcs_instance_address} -p 6379 -a {username:password}

More Operations

The following operations can be performed on normal users.

Related Document

To create an ACL user by calling an API, see Account Management.