I have an elasticache instance being used by the production applications. Now, the data science guys need to access some data from redis. Obviously, can't give prod redis access to them. And even if I wanted to give that, elasticache can't be accessed outside of AWS.
I am aware of the NAT instance trick provided by AWS. But I am thinking of a different solution.
Here is my solution,
- Launch an EC2 instance
- install redis on it, and bind it to its private IP
- make this redis, a slave of the elasticache redis, using
SLAVEOF prod-redis-url prod-redis-port, so it will have all the prod data inside it. As it is a slave, it will be a readonly - expose the EC2 instance redis' port on public interface
- The data science guys will connect to this EC2's Redis, which will have the same data as the prod one.
I wanted some suggestions on this approach that whether it has any security concerns, or any bad practices stuff. So, please give your inputs.
UPDATE: I started on this, I followed the steps I thought.
But the master-slave redis sync is not happening for some reason. The instances are in same subnet, so communication should not be a problem.
Any ideas on why the sync is not happening?
Does Elasticache even allows the master-slave sync to instances outside the cluster?
UPDATE: After gathering information from some other communities, AWS does not allow this behaviour.
