github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-08 15:13:55 -05:00
Code Issues Packages Projects Releases Wiki Activity

docs: redis secret rotation & app connection

Browse Source
This commit is contained in:
Daniel Hougaard
2025-09-22 23:26:08 +04:00
parent fe3a46a9e7
commit f4ce154b33
30 changed files with 363 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.infisicalignore
View File

@@ -51,3 +51,4 @@ docs/integrations/app-connections/bitbucket.mdx:generic-api-key:123
docs/integrations/app-connections/railway.mdx:generic-api-key:156
.github/workflows/validate-db-schemas.yml:generic-api-key:21
k8-operator/config/samples/universalAuthIdentitySecret.yaml:generic-api-key:8
docs/integrations/app-connections/redis.mdx:generic-api-key:80

4
docs/api-reference/endpoints/app-connections/redis/available.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Available"
openapi: "GET /api/v1/app-connections/redis/available"
---

9
docs/api-reference/endpoints/app-connections/redis/create.mdx Normal file
View File

@@ -0,0 +1,9 @@
---
title: "Create"
openapi: "POST /api/v1/app-connections/redis"
---
<Note>
Check out the configuration docs for [Redis Connections](/integrations/app-connections/redis) to learn how to obtain
the required credentials.
</Note>

4
docs/api-reference/endpoints/app-connections/redis/delete.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Delete"
openapi: "DELETE /api/v1/app-connections/redis/{connectionId}"
---

4
docs/api-reference/endpoints/app-connections/redis/get-by-id.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Get by ID"
openapi: "GET /api/v1/app-connections/redis/{connectionId}"
---

4
docs/api-reference/endpoints/app-connections/redis/get-by-name.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Get by Name"
openapi: "GET /api/v1/app-connections/redis/connection-name/{connectionName}"
---

4
docs/api-reference/endpoints/app-connections/redis/list.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "List"
openapi: "GET /api/v1/app-connections/redis"
---

9
docs/api-reference/endpoints/app-connections/redis/update.mdx Normal file
View File

@@ -0,0 +1,9 @@
---
title: "Update"
openapi: "PATCH /api/v1/app-connections/redis/{connectionId}"
---
<Note>
Check out the configuration docs for [Redis Connections](/integrations/app-connections/redis) to learn how to obtain
the required credentials.
</Note>

10
docs/api-reference/endpoints/secret-rotations/redis-credentials/create.mdx Normal file
View File

@@ -0,0 +1,10 @@
---
title: "Create"
openapi: "POST /api/v2/secret-rotations/redis-credentials"
---
<Note>
Check out the configuration docs for [Redis
Credentials Rotations](/documentation/platform/secret-rotation/redis-credentials) to learn how to obtain the
required parameters.
</Note>

4
docs/api-reference/endpoints/secret-rotations/redis-credentials/delete.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Delete"
openapi: "DELETE /api/v2/secret-rotations/redis-credentials/{rotationId}"
---

4
docs/api-reference/endpoints/secret-rotations/redis-credentials/get-by-id.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Get by ID"
openapi: "GET /api/v2/secret-rotations/redis-credentials/{rotationId}"
---

4
docs/api-reference/endpoints/secret-rotations/redis-credentials/get-by-name.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Get by Name"
openapi: "GET /api/v2/secret-rotations/redis-credentials/rotation-name/{rotationName}"
---

4
docs/api-reference/endpoints/secret-rotations/redis-credentials/get-generated-credentials-by-id.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Get Credentials by ID"
openapi: "GET /api/v2/secret-rotations/redis-credentials/{rotationId}/generated-credentials"
---

4
docs/api-reference/endpoints/secret-rotations/redis-credentials/list.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "List"
openapi: "GET /api/v2/secret-rotations/redis-credentials"
---

4
docs/api-reference/endpoints/secret-rotations/redis-credentials/rotate-secrets.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Rotate Secrets"
openapi: "POST /api/v2/secret-rotations/redis-credentials/{rotationId}/rotate-secrets"
---

10
docs/api-reference/endpoints/secret-rotations/redis-credentials/update.mdx Normal file
View File

@@ -0,0 +1,10 @@
---
title: "Update"
openapi: "PATCH /api/v2/secret-rotations/redis-credentials/{rotationId}"
---
<Note>
Check out the configuration docs for [Redis
Credentials Rotations](/documentation/platform/secret-rotation/redis-credentials) to learn how to obtain the
required parameters.
</Note>

31
docs/docs.json
View File

@@ -140,7 +140,8 @@
"integrations/app-connections/terraform-cloud",
"integrations/app-connections/vercel",
"integrations/app-connections/windmill",
"integrations/app-connections/zabbix"
"integrations/app-connections/zabbix",
"integrations/app-connections/redis"
]
}
]
@@ -442,7 +443,8 @@
"documentation/platform/secret-rotation/mysql-credentials",
"documentation/platform/secret-rotation/okta-client-secret",
"documentation/platform/secret-rotation/oracledb-credentials",
"documentation/platform/secret-rotation/postgres-credentials"
"documentation/platform/secret-rotation/postgres-credentials",
"documentation/platform/secret-rotation/redis-credentials"
]
},
{
@@ -1377,6 +1379,19 @@
"api-reference/endpoints/secret-rotations/postgres-credentials/rotate-secrets",
"api-reference/endpoints/secret-rotations/postgres-credentials/update"
]
},
{
"group": "Redis Credentials",
"pages": [
"api-reference/endpoints/secret-rotations/redis-credentials/create",
"api-reference/endpoints/secret-rotations/redis-credentials/delete",
"api-reference/endpoints/secret-rotations/redis-credentials/get-by-id",
"api-reference/endpoints/secret-rotations/redis-credentials/get-by-name",
"api-reference/endpoints/secret-rotations/redis-credentials/get-generated-credentials-by-id",
"api-reference/endpoints/secret-rotations/redis-credentials/list",
"api-reference/endpoints/secret-rotations/redis-credentials/rotate-secrets",
"api-reference/endpoints/secret-rotations/redis-credentials/update"
]
}
]
},
@@ -1937,6 +1952,18 @@
"api-reference/endpoints/app-connections/zabbix/update",
"api-reference/endpoints/app-connections/zabbix/delete"
]
},
{
"group": "Redis",
"pages": [
"api-reference/endpoints/app-connections/redis/list",
"api-reference/endpoints/app-connections/redis/available",
"api-reference/endpoints/app-connections/redis/get-by-id",
"api-reference/endpoints/app-connections/redis/get-by-name",
"api-reference/endpoints/app-connections/redis/create",
"api-reference/endpoints/app-connections/redis/update",
"api-reference/endpoints/app-connections/redis/delete"
]
}
]
},

162
docs/documentation/platform/secret-rotation/redis-credentials.mdx Normal file
View File

@@ -0,0 +1,162 @@
---
title: "Redis Credentials Rotation"
description: "Learn how to automatically rotate Redis credentials."
---
## Prerequisites
1. Create a [Redis Connection](/integrations/app-connections/redis) with the required **Secret Rotation** permissions
2. Ensure your network security policies allow incoming requests from Infisical to this rotation provider, if network restrictions apply.
Create a Redis Credentials Rotation in Infisical
<Tabs>
<Tab title="Infisical UI">
1. Navigate to your Secret Manager Project's Dashboard and select **Add Secret Rotation** from the actions dropdown.
![Secret Manager Dashboard](/images/secret-rotations-v2/generic/add-secret-rotation.png)
2. Select the **Redis Credentials** option.
![Select Redis Credentials](/images/secret-rotations-v2/redis-credentials/select-redis-credentials-option.png)
3. Select the **Redis Connection** to use and configure the rotation behavior. Then click **Next**.
![Rotation Configuration](/images/secret-rotations-v2/redis-credentials/redis-credentials-configuration.png)
- **Redis Connection** - the connection that will perform the rotation of the configured database user credentials.
- **Rotation Interval** - the interval, in days, that once elapsed will trigger a rotation.
- **Rotate At** - the local time of day when rotation should occur once the interval has elapsed.
- **Auto-Rotation Enabled** - whether secrets should automatically be rotated once the rotation interval has elapsed. Disable this option to manually rotate secrets or pause secret rotation.
4. Input the password requirements and permission scope for the Redis users that will be created for the rotation. Then click **Next**.
![Rotation Parameters](/images/secret-rotations-v2/redis-credentials/redis-credentials-parameters.png)
- **Permission Scope** - The scope of the Redis users that will be created for the rotation. This will default to `~* +@all` if not specified.
- **Password Requirements** - The requirements for the password of the Redis users that will be created for the rotation.
5. Specify the secret names that the active credentials should be mapped to. Then click **Next**.
![Rotation Secrets Mapping](/images/secret-rotations-v2/redis-credentials/redis-credentials-secrets-mapping.png)
- **Username** - the name of the secret that the active username will be mapped to.
- **Password** - the name of the secret that the active password will be mapped to.
6. Give your rotation a name and description (optional). Then click **Next**.
![Rotation Details](/images/secret-rotations-v2/redis-credentials/redis-credentials-details.png)
- **Name** - the name of the secret rotation configuration. Must be slug-friendly.
- **Description** (optional) - a description of this rotation configuration.
7. Review your configuration, then click **Create Secret Rotation**.
![Rotation Review](/images/secret-rotations-v2/redis-credentials/redis-credentials-confirm.png)
8. Your **Redis Credentials** are now available for use via the mapped secrets.
![Rotation Created](/images/secret-rotations-v2/redis-credentials/redis-credentials-created.png)
</Tab>
<Tab title="API">
To create a Redis Credentials Rotation, make an API request to the [Create Redis
Credentials Rotation](/api-reference/endpoints/secret-rotations/redis-credentials/create) API endpoint.
### Sample request
```bash Request
curl --request POST \
--url https://us.infisical.com/api/v2/secret-rotations/redis-credentials \
--header 'Content-Type: application/json' \
--data '{
"name": my-redis-rotation",
"projectId": "<string>",
"description": "<string>",
"connectionId": "<redis-connection-id>",
"environment": "dev|staging|prod",
"secretPath": "<string>",
"isAutoRotationEnabled": true,
"rotationInterval": 2,
"rotateAtUtc": {
"hours": 11.5,
"minutes": 29.5
},
"parameters": {
"passwordRequirements": {
"length": 64,
"required": {
"digits": 1,
"lowercase": 1,
"uppercase": 1,
"symbols": 1
},
"allowedSymbols": "@!+"
},
"permissionScope": "~* +@all"
},
"secretsMapping": {
"username": "REDIS_USERNAME",
"password": "REDIS_PASSWORD"
}
}'
```
### Sample response
```bash Response
{
"secretRotation": {
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"name": "my-redis-rotation",
"description": "my database credentials rotation",
"secretsMapping": {
"username": "REDIS_USERNAME",
"password": "REDIS_PASSWORD"
},
"isAutoRotationEnabled": true,
"activeIndex": 0,
"folderId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"connectionId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"createdAt": "2023-11-07T05:31:56Z",
"updatedAt": "2023-11-07T05:31:56Z",
"rotationInterval": 30,
"rotationStatus": "success",
"lastRotationAttemptedAt": "2023-11-07T05:31:56Z",
"lastRotatedAt": "2023-11-07T05:31:56Z",
"lastRotationJobId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"nextRotationAt": "2023-11-07T05:31:56Z",
"connection": {
"app": "redis",
"name": "my-redis-connection",
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a"
},
"environment": {
"slug": "dev",
"name": "Development",
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a"
},
"projectId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"folder": {
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"path": "/"
},
"rotateAtUtc": {
"hours": 0,
"minutes": 0
},
"lastRotationMessage": null,
"type": "redis-credentials",
"parameters": {
"passwordRequirements": {
"length": 64,
"required": {
"digits": 1,
"lowercase": 1,
"uppercase": 1,
"symbols": 1
},
"allowedSymbols": "@!+"
},
"permissionScope": "~* +@all"
},
"secretsMapping": {
"username": "REDIS_USERNAME",
"password": "REDIS_PASSWORD"
}
}
}
```
</Tab>
</Tabs>

BIN
docs/images/app-connections/redis/redis-app-connection-generated.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 671 KiB

BIN
docs/images/app-connections/redis/redis-app-connection-option.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 514 KiB

BIN
docs/images/app-connections/redis/redis-connection-form.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 500 KiB

BIN
docs/images/secret-rotations-v2/redis-credentials/redis-credentials-configuration.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 510 KiB

BIN
docs/images/secret-rotations-v2/redis-credentials/redis-credentials-confirm.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 534 KiB

BIN
docs/images/secret-rotations-v2/redis-credentials/redis-credentials-created.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 747 KiB

BIN
docs/images/secret-rotations-v2/redis-credentials/redis-credentials-details.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 512 KiB

BIN
docs/images/secret-rotations-v2/redis-credentials/redis-credentials-parameters.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 504 KiB

BIN
docs/images/secret-rotations-v2/redis-credentials/redis-credentials-secrets-mapping.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 521 KiB

87
docs/integrations/app-connections/redis.mdx Normal file
View File

@@ -0,0 +1,87 @@
---
title: "Redis Connection"
description: "Learn how to configure a Redis Connection for Infisical."
---
Infisical supports the use of Username & Password authentication to connect with Redis databases
## Create Redis Connection in Infisical
<Tabs>
<Tab title="Infisical UI">
<Steps>
<Step title="Navigate to App Connections">
In your Infisical dashboard, navigate to the **App Connections** page in the desired project.
![App Connections Tab](/images/app-connections/general/add-connection.png)
</Step>
<Step title="Select Redis Connection">
Click the **+ Add Connection** button and select the **Redis Connection** option from the available integrations.
![Select Redis Connection](/images/app-connections/redis/redis-app-connection-option.png)
</Step>
<Step title="Fill out the Redis Connection Modal">
Complete the Redis Connection form by entering:
- A descriptive name for the connection
- An optional description for future reference
- The Redis host URL for your database
- The Redis port for your Redis database
- The Redis username for your Redis database
- The Redis password for your Redis database
You can optionally configure SSL/TLS for your Redis connection in the **SSL** section.
![Redis Connection Modal](/images/app-connections/redis/redis-app-connection-form.png)
</Step>
<Step title="Connection Created">
After clicking Create, your **Redis Connection** is established and ready to use with your Infisical project.
![Redis Connection Created](/images/app-connections/redis/redis-app-connection-generated.png)
</Step>
</Steps>
</Tab>
<Tab title="API">
To create a Redis Connection, make an API request to the [Create Redis Connection](/api-reference/endpoints/app-connections/redis/create) API endpoint.
### Sample request
```bash Request
curl --request POST \
--url https://app.infisical.com/api/v1/app-connections/redis \
--header 'Content-Type: application/json' \
--data '{
"name": "my-redis-connection",
"method": "username-and-password",
"projectId": "7ffbb072-2575-495a-b5b0-127f88caef78",
"credentials": {
"host": "[REDIS HOST]",
"port": 6379,
"username": "[REDIS USERNAME]",
"password": "[REDIS PASSWORD]",
}
}'
```
### Sample response
```bash Response
{
"appConnection": {
"id": "e5d18aca-86f7-4026-a95e-efb8aeb0d8e6",
"name": "my-redis-connection",
"projectId": "7ffbb072-2575-495a-b5b0-127f88caef78",
"description": null,
"version": 1,
"orgId": "6f03caa1-a5de-43ce-b127-95a145d3464c",
"createdAt": "2025-04-23T19:46:34.831Z",
"updatedAt": "2025-04-23T19:46:34.831Z",
"isPlatformManagedCredentials": false,
"credentialsHash": "7c2d371dec195f82a6a0d5b41c970a229cfcaf88e894a5b6395e2dbd0280661f",
"app": "redis",
"method": "username-and-password",
}
}
```
</Tab>
</Tabs>

1
docs/snippets/AppConnectionsBrowser.jsx
View File

@@ -42,6 +42,7 @@ export const AppConnectionsBrowser = () => {
{"name": "PostgreSQL", "slug": "postgres", "path": "/integrations/app-connections/postgres", "description": "Learn how to connect your PostgreSQL database to pull secrets from Infisical.", "category": "Databases"},
{"name": "Microsoft SQL Server", "slug": "mssql", "path": "/integrations/app-connections/mssql", "description": "Learn how to connect your SQL Server database to pull secrets from Infisical.", "category": "Databases"},
{"name": "Oracle Database", "slug": "oracledb", "path": "/integrations/app-connections/oracledb", "description": "Learn how to connect your Oracle database to pull secrets from Infisical.", "category": "Databases"},
{"name": "Redis", "slug": "redis", "path": "/integrations/app-connections/redis", "description": "Learn how to connect Redis to pull secrets from Infisical.", "category": "Databases"},
{"name": "LDAP", "slug": "ldap", "path": "/integrations/app-connections/ldap", "description": "Learn how to connect your LDAP to pull secrets from Infisical.", "category": "Directory Services"},
{"name": "Auth0", "slug": "auth0", "path": "/integrations/app-connections/auth0", "description": "Learn how to connect your Auth0 to pull secrets from Infisical.", "category": "Identity & Auth"},
{"name": "Okta", "slug": "okta", "path": "/integrations/app-connections/okta", "description": "Learn how to connect your Okta to pull secrets from Infisical.", "category": "Identity & Auth"}

1
docs/snippets/RotationsBrowser.jsx
View File

@@ -14,6 +14,7 @@ export const RotationsBrowser = () => {
{"name": "LDAP Password", "slug": "ldap-password", "path": "/documentation/platform/secret-rotation/ldap-password", "description": "Learn how to automatically rotate LDAP user passwords.", "category": "Identity & Auth"},
{"name": "MySQL", "slug": "mysql-credentials", "path": "/documentation/platform/secret-rotation/mysql-credentials", "description": "Learn how to automatically rotate MySQL database credentials.", "category": "Databases"},
{"name": "PostgreSQL", "slug": "postgres-credentials", "path": "/documentation/platform/secret-rotation/postgres-credentials", "description": "Learn how to automatically rotate PostgreSQL database credentials.", "category": "Databases"},
{"name": "Redis", "slug": "redis-credentials", "path": "/documentation/platform/secret-rotation/redis-credentials", "description": "Learn how to automatically rotate Redis database credentials.", "category": "Databases"},
{"name": "Microsoft SQL Server", "slug": "mssql-credentials", "path": "/documentation/platform/secret-rotation/mssql-credentials", "description": "Learn how to automatically rotate Microsoft SQL Server credentials.", "category": "Databases"},
{"name": "Oracle Database", "slug": "oracledb-credentials", "path": "/documentation/platform/secret-rotation/oracledb-credentials", "description": "Learn how to automatically rotate Oracle Database credentials.", "category": "Databases"}
].sort(function(a, b) {