Deploy a production-ready Valkey in-memory store in under 3 minutes with auto-generated credentials and 24/7 cloudimg support - a secure Redis API-compatible alternative.
This is a repackaged open source software product wherein additional charges apply for cloudimg support services.
## Overview
Valkey is the open source, BSD-licensed, high-performance in-memory key-value store stewarded by the Linux Foundation. It serves as a drop-in replacement for the Redis API, including the RESP protocol on port 6379 and the full set of commands and data structures that client libraries expect. This AMI delivers Valkey fully installed and hardened, so you have a working in-memory store accepting authenticated connections within minutes of launch.
Valkey 8.1.x is built from the upstream Linux Foundation source tarball - not the older version available in the OS package archive - ensuring you run the current major line with the latest stability and performance improvements.
## Why This AMI Over Alternatives
Unlike stock OS packages or manual installs, this image is secure by default from the first boot. Many generic Valkey or Redis images ship with no authentication or require manual password configuration, leaving a window of exposure. With this AMI, a one-shot systemd service generates a cryptographically strong password before the daemon accepts any connections, and Valkey binds exclusively to the loopback address (127.0.0.1). You never accidentally expose an unauthenticated data port to the internet.
Compared to self-managed deployments, you eliminate the time spent compiling from source, writing systemd unit files, configuring persistence directories, and hardening network bindings. Compared to managed services, you retain full control over instance sizing, persistence strategy, and replication topology - with no vendor lock-in.
## What Is Included
## Secure First Boot
The image ships with no shared password. On first boot, a one-shot systemd service generates a unique strong password, applies it as the Valkey requirepass directive, and writes it to /root/.valkey_password (readable only by root). Authentication is enforced from the moment the daemon is reachable - there is no window of unauthenticated access.
## Getting Started
1. Launch the AMI on your chosen EC2 instance type (recommended: r6g or r7g family for memory-intensive workloads)
2. Ensure your security group allows SSH (port 22) and optionally port 80 for the health endpoint
3. SSH into the instance and retrieve the generated password: cat /root/.valkey_password
4. Connect locally: valkey-cli -a YOUR_PASSWORD
5. Begin storing keys, lists, hashes, sorted sets, streams, and other Redis API data types
To open Valkey to a private network, update the bind address in /etc/valkey/valkey.conf and add port 6379 to your security group for your VPC CIDR only.
## Migration Scenario: Redis to Valkey
Teams affected by the Redis license change to SSPL can migrate existing workloads to this Valkey AMI with minimal code changes. Because Valkey implements the full Redis API and RESP protocol, existing client libraries (Jedis, redis-py, ioredis, Lettuce) connect without modification. A typical migration for a web application caching layer serving thousands of requests per second involves launching this AMI, replicating data from the existing Redis instance using Valkey's replication commands, validating key parity, and cutting over the application connection string. cloudimg engineers can assist with replication setup, persistence tuning, and eviction policy configuration during migration.
## Use Cases
## cloudimg Support
24/7 technical support by email and live chat. Our engineers provide expert assistance with Valkey deployment, replication topology design, persistence tuning (RDB and AOF), eviction policies, and migration from existing Redis API workloads. Critical issues receive a one-hour average response time.
To discuss a migration plan or deployment architecture before purchase, contact our team for a free consultation.