- Newest
- Most votes
- Most comments
Answering both your questions below:
for accessing the secondary region do I need to create separate users and usergroup in that region too.
Yes you should, User management in ElastiCache Global Datastore is independently managed on each cluster associated with a GD. Having User groups configured in one region will not copy the configuration to the secondary region. For example, you can setup RBAC roles/users in Primary region cluster while leaving the Secondary region cluster with only default
user access using AUTH token strategy. Clients will have to use appropriate authentication method for that region when accessing each of these clusters.
Also are secondary region only read replicas or can we perform write operation too
The secondary region is passive and cannot take data writes, it only supports data reads.
In AWS Elastic Redis Global DataStore, you do not need to create separate users and user groups for the secondary region. The user and user group configurations are replicated from the primary region to the secondary region automatically.
Regarding your second question, the secondary region in Elastic Redis Global DataStore is configured as a read-replica of the primary region. This means that the secondary region can only serve read requests, while write operations are forwarded to the primary region's writer instance.
Relevant content
- asked 2 years ago
- Accepted Answerasked 5 days ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 months ago
when checking list of users and usergroup created on one region (let us say us-east-1) but cannot find them replicated them in the user management or user groups in other secondary region us-west-2; Is it they are created in one region and managed in one region only but in the second region the users may not be visible in user management tab of us-west-2 but they are having the necessary permissions to access the secondary cluster and if some write operation are executed then they are write-forwarded to the primary cluster
Usersgroup - ACL are manged externally by Redis cache externally and independent of the cluster. the users and usergroup are specific to AWS Region