Network misconfigurations

ElastiCache Redis In-Transit or At-Rest not Encrypted

Description

ElastiCache makes it easy to set up, manage, and scale distributed in-memory cache environments in the Cloud. It provides a high performance, resizable, and cost-effective in-memory cache. It was detected that the Elasticache cluster has disabled In-Transit and At-Rest Encryption. Data encryption helps prevent unauthorized users from reading sensitive data available on your Redis clusters and their associated cache storage systems.
  • Recommended Mitigation

    It is recommended to enable In-Transit and At-Rest encryption when creating a cluster. Enabling encryption can have some performance impact. For more information: <a href="https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/encryption.html" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/encryption.html</a>