- Got a Spring Boot project which uses spring-session-data-redis.
- Locally everything works out of the box. (localhost:6397)
- On the “upper” stages we are using Redis in AWS with one Configuration-Endpoint
- Problem: It’s using AWS IAM.
- My task is to integrate AWS-IAM Credentials into my spring-session-data-redis-Project.
Solution I tried:
- Created this LettuceConfig as described in https://lettuce.io/core/5.3.7.RELEASE/reference/index.html
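```java
import io.lettuce.core.RedisClient;
import io.lettuce.core.RedisCredentialsProvider;
import io.lettuce.core.RedisURI;
import io.lettuce.core.api.StatefulRedisConnection;
import io.lettuce.core.resource.ClientResources;
import io.lettuce.core.resource.DefaultClientResources;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider;
import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider;

// IAMAuthTokenRequest and RedisIAMAuthCredentialsProvider are not shown in this post,
// so they are not imported here.
@Configuration
public class LettuceConfig {
    private static final Logger log = LoggerFactory.getLogger(LettuceConfig.class);

    @Value("${redis.host}")
    String redisHost;
    @Value("${redis.port}")
    int redisPort;
    @Value("${redis.userid}")
    String userId;
    @Value("${redis.replication.group.id}")
    String replicationGroupId;
    @Value("${redis.region}")
    String region;

    @Bean(destroyMethod = "shutdown")
    ClientResources clientResources() {
        return DefaultClientResources.create();
    }

    // Plain Lettuce client: TLS enabled, credentials supplied by the IAM provider.
    @Bean(destroyMethod = "shutdown")
    @Primary
    RedisClient redisClient(ClientResources clientResources) {
        RedisURI redisURI = RedisURI.builder()
                .withHost(redisHost)
                .withPort(redisPort)
                .withSsl(true)
                .withAuthentication(getCredentialsProvider())
                .build();
        return RedisClient.create(clientResources, redisURI);
    }

    @Bean(destroyMethod = "close")
    StatefulRedisConnection<String, String> connection(RedisClient redisClient) {
        log.info("Redis-Host in LettuceConfig: {}", redisHost);
        return redisClient.connect();
    }

    public RedisCredentialsProvider getCredentialsProvider() {
        AwsCredentialsProvider awsCredentialsProvider = DefaultCredentialsProvider.create();
        IAMAuthTokenRequest iamAuthTokenRequest =
                new IAMAuthTokenRequest(this.userId, this.replicationGroupId, this.region);
        // Create a Redis credentials provider using IAM credentials.
        return new RedisIAMAuthCredentialsProvider(
                this.userId, iamAuthTokenRequest, awsCredentialsProvider);
    }
}
```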
It doesn't really work: it creates the connection, BUT spring-session-data-redis doesn't inject it, in my opinion.
The other one really is more effective and is taken from https://github.com/spring-projects/spring-data-redis/issues/2769
I still have a problem with it.
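```java
import java.time.Duration;

import io.lettuce.core.RedisURI;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.lettuce.LettuceClientConfiguration;
import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
import org.springframework.session.web.context.AbstractHttpSessionApplicationInitializer;

// IAMCredentialsProviderFactory is not shown in this post, so it is not imported here.
@Configuration
public class ClusterSessionConfig extends AbstractHttpSessionApplicationInitializer {
    @Value("${redis.host}")
    String redisHost;
    @Value("${redis.port}")
    int redisPort;
    @Value("${redis.userid}")
    String userId;
    @Value("${redis.replication.group.id}")
    String replicationGroupId;
    @Value("${redis.region}")
    String region;

    // Connection factory bean, the type Spring Data Redis works with.
    @Bean
    public LettuceConnectionFactory lettuceConnectionFactory() {
        RedisURI redisURI = RedisURI.builder()
                .withHost(redisHost)
                .withPort(redisPort)
                .withSsl(true)
                .withTimeout(Duration.ofSeconds(10))
                .build();
        LettuceClientConfiguration lettuceClientConfiguration = LettuceClientConfiguration.builder()
                .redisCredentialsProviderFactory(
                        new IAMCredentialsProviderFactory(userId, replicationGroupId, region))
                .commandTimeout(Duration.ofSeconds(30))
                .build();
        return new LettuceConnectionFactory(
                LettuceConnectionFactory.createRedisConfiguration(redisURI),
                lettuceClientConfiguration);
    }
}
```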
So with this code I am running into a command timeout.
Regarding infrastructure, the security group is set. And I can also connect over VPN with redis-cli. But not through the dev environment.
Maybe someone can help me?