One of my customers is a big Vault & Redis user and big on credential management. So I thought I would see how difficult it was to write a plugin for Redis. I picked one of the recommended Redis Go SDK’s and it turned out to be quite simple. Would you be interested in taking a look at it, GitHub - fhitchen/vault-plugin-database-redis: A Vault plugin for the REDIS database? It is rough at the moment and cluster support is not merged into the main branch, but it does appear to work quite well. ACL (user authentication) support was added to REDIS in May 2020.
Redis is not typically used in situations where TLS is enabled for performance reasons, so I think I need to look at pumping up the length of the generated passwords. Also Redis has another security feature where the configuration commands can be obfuscated. I want to see if there is a way that Vault can obfuscate and control those commands.
regards, Francis.