thadeusb
commented
1 year ago It uses werkzeug as the underlying api into redis.
I would check with that project for more details on support here, and even it's using some sort of other redis adapter that may or may not be fully HIPAA compliant in the manner you need.
Redis doesn't officially support encryption either, it's more of a special thing elasticache does, so tread with great caution here.
Might be worth looking into another backend solution for caching, something that gives you finer controls over the encryption and connection settings. Maybe it all just works here but, this code was all written before elastic cache was even a thing let alone encrypted elastic cache
jstorqhonor
This is really a question that I hope is not an issue but it is not immediately obvious to me where to look for the answer. I am wiring up flask-caching into a Flask app and using the RedisCache. For HIPAA reasons, we have setup our AWS ElastiCache redis cluster to force TLS connections. When it comes to configuring the Cache(), is it as simple as doing the following:
flask_caching.Cache( app=self.app, config={ 'CACHE_TYPE': 'RedisCache', 'CACHE_KEY_PREFIX': 'xxxx:',
'CACHE_OPTIONS': {}, 'CACHE_REDIS_HOST': 'redis', 'CACHE_REDIS_PASSWORD': 'redisPassword', 'CACHE_REDIS_PORT': '6379',
'CACHE_REDIS_DB': '0',
'CACHE_REDIS_URL': 'rediss://:redisPassword@blahblah.amazonaws.com:6379/0', 'CACHE_DEFAULT_TIMEOUT': '500',
}, )
Specifically, do I just set CACHE_REDIS_URL to 'rediss://un:pwd@redis:port/db'? I just want to confirm that TLS support is there and circumvent any gotchas, if possible. Do you have documentation about this anywhere?
Further, when it comes to the CACHE_OPTIONS map, is that where I would setup read-replica settings so that GET traffic would route to a read-replica store? (Is this supported)?
Any feedback would be most appreciated. Thank you!