ECS Cluster Service not able to talk to Redis Cache in AWS

0

Hi Folks

Setup: I have an ECS cluster and I am running a Golang-based service on Fargate. I have code that connects to a Redis cluster, and I have set up the Redis cache in AWS. Both the Redis cache and the ECS cluster are in the same VPC, and the default security group has inbound and outbound traffic enabled on ALL ports. Yet my code that calls the Redis cluster is timing out.

It throws this error: panic: read tcp 10.0.32.171:33226->10.0.22.236:6379: i/o timeout

What am I missing here? My Redis cache is in cluster mode and has a single config endpoint. I set up an EC2 machine and tried to connect to the cluster through redis-cli, and it timed out. So I am sure I am missing some config in the security group. What it is, is something I am not able to understand.

Any help!

3 Answers
0

Usually the default security group doesn’t allow inbound access.

I would double check this group is applied to Fargate and Redis and that inbound access is allowed.

Also, I see you're using a custom VPC. Can you confirm your subnets and route tables are correctly set up, along with your ACLs on the subnets?

Thanks Robin ;-)

EXPERT
answered 4 months ago
0

Thanks for the reply! There were two issues that were causing the error.

  1. I was using NewClient from redis-golang instead of clusterClient, which is the correct API to connect to a Redis cluster.
  2. Even after doing step 1, I was getting a weird error message. Upgraded the redis-golang client to v9 and it worked.
answered 4 months ago
0

Hi,

In your configuration, there is not a single sec group but several that come into play: the one of the VPC, but also the one of the Redis cache and the one of the ECS service.

So, I would check all of them to make sure that they allow the traffic. In particular, make sure that your ECS service is allowed to access the Redis cluster in the Redis sec group. See https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/GettingStarted.AuthorizeAccess.html

Read in detail all the steps detailed after this initial guidance on the page above:

By default, network access to your cluster is limited to the account that was used to create it. Before you can connect to a cluster from an EC2 instance, you must authorize the EC2 instance to access the cluster. The steps required depend upon whether you launched your cluster into EC2-VPC or EC2-Classic.

The most common use case is when an application deployed on an EC2 instance needs to connect to a cluster in the same VPC. The simplest way to manage access between EC2 instances and clusters in the same VPC is to do the following:

Best, Didier

AWS
EXPERT
answered 4 months ago
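
Added example, not part of the original thread and not AWS code: the security-group check the answers describe, run offline over JSON in the shape returned by `aws ec2 describe-security-groups`. It reports which inbound rule of the Redis group admits the ECS task on tcp/6379 and whether that rule is wider than the one port. The group IDs are constructed placeholders, the task IP is the client address from the error message, and the default group is assumed to carry its standard self-referencing all-traffic rule.

```python
import ipaddress

REDIS_PORT = 6379

def matching_ingress(target_sg, client_sg_ids, client_ip, port=REDIS_PORT):
    """Return (scope, source) for each inbound rule of target_sg that admits the client."""
    ip = ipaddress.ip_address(client_ip)
    hits = []
    for rule in target_sg["IpPermissions"]:
        proto = rule["IpProtocol"]
        if proto == "-1":
            scope = "all-traffic"  # all-protocol rules carry no FromPort/ToPort
        elif proto in ("tcp", "6") and rule["FromPort"] <= port <= rule["ToPort"]:
            scope = f"tcp/{rule['FromPort']}-{rule['ToPort']}"
        else:
            continue
        # Source given as a security group: the client must be a member of it.
        for pair in rule.get("UserIdGroupPairs", []):
            if pair["GroupId"] in client_sg_ids:
                hits.append((scope, pair["GroupId"]))
        # Source given as a CIDR: the client's private IP must fall inside it.
        for rng in rule.get("IpRanges", []):
            if ip in ipaddress.ip_network(rng["CidrIp"]):
                hits.append((scope, rng["CidrIp"]))
    return hits

def wider_than_needed(hits, port=REDIS_PORT):
    """Flag matches that open more than the single Redis port or admit any IPv4 address."""
    exact = f"tcp/{port}-{port}"
    return [h for h in hits if h[0] != exact or h[1] == "0.0.0.0/0"]

# Constructed sample data; group IDs are placeholders.
DEFAULT_SG = {"GroupId": "sg-default-example", "IpPermissions": [
    {"IpProtocol": "-1", "IpRanges": [],
     "UserIdGroupPairs": [{"GroupId": "sg-default-example"}]}]}
REDIS_SG = {"GroupId": "sg-redis-example", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 6379, "ToPort": 6379, "IpRanges": [],
     "UserIdGroupPairs": [{"GroupId": "sg-ecs-example"}]}]}
TASK_IP = "10.0.32.171"  # client address from the error message

if __name__ == "__main__":
    cases = [("Redis in default SG, task in its own SG", DEFAULT_SG, {"sg-ecs-example"}),
             ("Redis and task both in default SG", DEFAULT_SG, {"sg-default-example"}),
             ("Redis in dedicated SG, task in sg-ecs-example", REDIS_SG, {"sg-ecs-example"})]
    for label, sg, task_groups in cases:
        hits = matching_ingress(sg, task_groups, TASK_IP)
        print(f"{label}: allowed_by={hits} too_wide={wider_than_needed(hits)}")
```

An empty `allowed_by` means no inbound rule on the Redis side admits the task, so packets to port 6379 are dropped and the client sees a timeout rather than a refusal.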
