Redis should not be publicly accessible from the internet to protect data from unauthorized user access, data loss and possible leakage of sensitive data. As a general precaution if any resource needs to be open to the internet, it must first undergo a security review and approval from DSO.
- Change the access control policy and security groups to make the Redis endpoint private.
- Allow access to a specific list of IP addresses.
- Once the Redis endpoint is not publicly accessible Bridgecrew will automatically close the issue.
- You can also request exception from the policy violation details page.
- SecOps will review and involve DSO if required and grant exception; Bridgecrew will automatically ignore this resource until the expiry of exception.
Updated 2 months ago