Critical

Ensure ElastiCache Redis clusters are encrypted at-rest

Security & Compliance
Description

Ensuring ElastiCache Redis clusters are encrypted at rest means that the data stored in the ElastiCache Redis cluster is encrypted and cannot be accessed without proper authorization. This can help protect against unauthorized access to sensitive data in the cluster. ElastiCache provides multiple options to encrypt the data at rest. One such option is to use encryption-in-transit using SSL/TLS protocols. Another option is to use encryption-at-rest using AWS Key Management Service (KMS) to manage the encryption keys. When encryption-at-rest using KMS is used, the data stored in the ElastiCache Redis cluster is encrypted using a KMS key. The KMS key should be configured with proper permissions, and the policy should only allow authorized users to access the key. Overall, ensuring ElastiCache Redis clusters are encrypted at rest helps provide an additional layer of security for sensitive data.

Remediation

To ensure ElastiCache Redis clusters are encrypted at-rest, follow the below remediation steps:

  1. Open the Amazon ElastiCache console.
  2. In the navigation pane, choose "Redis".
  3. Choose the Redis cluster that you want to modify.
  4. Choose "Actions", and then choose "Modify".
  5. In the "Advanced Redis settings" section, choose the "Encryption in-transit and at-rest" option.
  6. Choose "Apply immediately" and then choose "Modify cluster".

This will enable encryption at-rest for your ElastiCache Redis cluster. Additionally, you should ensure that the KMS key used for encryption is secure and has proper access controls in place.

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.