In-transit encryption client library code sample

This code sample shows a go-redis client library configuration for connecting to a Memorystore for Redis instance that has in-transit encryption enabled.

Connect to an instance

The following sample provides an example of how to instantiate a client, load an in-transit encryption Certificate Authority, and how to set up a connection pool.

Go

  import 
  
 ( 
  
 "context" 
  
 "crypto/tls" 
  
 "crypto/x509" 
  
 "errors" 
  
 "fmt" 
  
 "io" 
  
 "time" 
  
 memorystore 
  
 "cloud.google.com/go/redis/apiv1" 
  
 redispb 
  
 "cloud.google.com/go/redis/apiv1/redispb" 
  
 "github.com/go-redis/redis/v8" 
 ) 
 // ConnectToDatabase demonstrates how to use go-redis library to connect to a 
 // Memorystore Redis instance. 
 func 
  
 ConnectToDatabase 
 ( 
 w 
  
 io 
 . 
 Writer 
 , 
  
 projectID 
 , 
  
 location 
 , 
  
 instanceID 
  
 string 
 ) 
  
 error 
  
 { 
  
 // Instantiate a Redis administrative client 
  
 ctx 
  
 := 
  
 context 
 . 
 Background 
 () 
  
 adminClient 
 , 
  
 err 
  
 := 
  
 memorystore 
 . 
 NewCloudRedisClient 
 ( 
 ctx 
 ) 
  
 if 
  
 err 
  
 != 
  
 nil 
  
 { 
  
 return 
  
 err 
  
 } 
  
 defer 
  
 adminClient 
 . 
  Close 
 
 () 
  
 req 
  
 := 
  
& redispb 
 . 
 GetInstanceRequest 
 { 
  
 Name 
 : 
  
 fmt 
 . 
 Sprintf 
 ( 
 "projects/%s/locations/%s/instances/%s" 
 , 
  
 projectID 
 , 
  
 location 
 , 
  
 instanceID 
 ), 
  
 } 
  
 instance 
 , 
  
 err 
  
 := 
  
 adminClient 
 . 
 GetInstance 
 ( 
 ctx 
 , 
  
 req 
 ) 
  
 if 
  
 err 
  
 != 
  
 nil 
  
 { 
  
 return 
  
 err 
  
 } 
  
 fmt 
 . 
 Fprintln 
 ( 
 w 
 , 
  
 instance 
 ) 
  
 // Load CA cert 
  
 caCerts 
  
 := 
  
 instance 
 . 
 GetServerCaCerts 
 () 
  
 if 
  
 len 
 ( 
 caCerts 
 ) 
  
 == 
  
 0 
  
 { 
  
 return 
  
 errors 
 . 
 New 
 ( 
 "memorystore: no server CA certs for instance" 
 ) 
  
 } 
  
 caCertPool 
  
 := 
  
 x509 
 . 
 NewCertPool 
 () 
  
 caCertPool 
 . 
 AppendCertsFromPEM 
 ([] 
 byte 
 ( 
 caCerts 
 [ 
 0 
 ]. 
 Cert 
 )) 
  
 // Setup Redis Connection pool 
  
 client 
  
 := 
  
 redis 
 . 
 NewClient 
 ( 
& redis 
 . 
 Options 
 { 
  
 Addr 
 : 
  
 fmt 
 . 
 Sprintf 
 ( 
 "%s:%d" 
 , 
  
 instance 
 . 
 Host 
 , 
  
 instance 
 . 
 Port 
 ), 
  
 Password 
 : 
  
 "PASSWORD" 
 , 
  
 PoolSize 
 : 
  
 1 
 , 
  
 MinIdleConns 
 : 
  
 1 
 , 
  
 PoolTimeout 
 : 
  
 0 
 , 
  
 IdleTimeout 
 : 
  
 20 
  
 * 
  
 time 
 . 
 Second 
 , 
  
 DialTimeout 
 : 
  
 2 
  
 * 
  
 time 
 . 
 Second 
 , 
  
 TLSConfig 
 : 
  
& tls 
 . 
 Config 
 { 
  
 RootCAs 
 : 
  
 caCertPool 
 , 
  
 }, 
  
 }) 
  
 p 
 , 
  
 err 
  
 := 
  
 client 
 . 
 Ping 
 ( 
 ctx 
 ). 
 Result 
 () 
  
 if 
  
 err 
  
 != 
  
 nil 
  
 { 
  
 return 
  
 err 
  
 } 
  
 fmt 
 . 
 Fprintf 
 ( 
 w 
 , 
  
 "Response:\n%s" 
 , 
  
 p 
 ) 
  
 return 
  
 nil 
 }

What's next

Learn more about in-transit encryption .
Learn how to enable in-transit encryption on an instance.

In-transit encryption client library code sample Stay organized with collections Save and categorize content based on your preferences.

Connect to an instance

Go

What's next

In-transit encryption client library code sample