Critical

Ensure ElastiCache Redis clusters are encrypted in-transit

Security & Compliance
Description

Encrypting ElastiCache Redis clusters in-transit protects sensitive data from being intercepted and accessed by unauthorized parties. Data transmitted between Redis nodes is vulnerable to interception and tampering unless encryption is used, so encryption in-transit should be enabled for ElastiCache Redis clusters.

Remediation

To enable encryption in-transit for an ElastiCache Redis cluster, follow these remediation steps:

  1. Open the AWS Management Console and navigate to the ElastiCache console.
  2. Select the Redis cluster that you want to configure.
  3. Click on the "Modify" button in the "Configuration" tab.
  4. Scroll down to the "Encryption in Transit" section.
  5. Enable encryption by selecting "Yes" in the "Enable Encryption in Transit" option.
  6. Choose the appropriate encryption protocol from the "Encryption Protocol" drop-down menu.
  7. Click on the "Save Changes and Apply Immediately" button to apply the changes.

By following these remediation steps, you can ensure that ElastiCache Redis clusters are encrypted in-transit, helping to protect sensitive data from interception and unauthorized access.
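To confirm the result of the steps above across an account, the following added example (not Lightlytics or AWS code) audits a response shaped like the output of `aws elasticache describe-replication-groups`. The sample data and the function names `audit_transit_encryption` and `non_compliant` are constructed for illustration; the PASS/WARN/FAIL grading is an assumption of this example, not part of the rule.

```python
import json

# Constructed sample shaped like the output of
# `aws elasticache describe-replication-groups` (not real resources).
SAMPLE = json.loads("""
{"ReplicationGroups": [
  {"ReplicationGroupId": "sessions-prod", "TransitEncryptionEnabled": true,
   "TransitEncryptionMode": "required"},
  {"ReplicationGroupId": "cache-migrating", "TransitEncryptionEnabled": true,
   "TransitEncryptionMode": "preferred"},
  {"ReplicationGroupId": "legacy-queue", "TransitEncryptionEnabled": false},
  {"ReplicationGroupId": "old-api-shape"}
]}
""")


def audit_transit_encryption(response):
    """Return (replication_group_id, status, detail) for every group.

    status is PASS, WARN or FAIL. A missing TransitEncryptionEnabled key is
    treated as FAIL so an unexpected response never passes silently.
    """
    findings = []
    for group in response.get("ReplicationGroups", []):
        gid = group.get("ReplicationGroupId", "<unknown>")
        enabled = group.get("TransitEncryptionEnabled")
        mode = group.get("TransitEncryptionMode")
        if enabled is not True:
            findings.append((gid, "FAIL", "in-transit encryption is not enabled"))
        elif mode == "preferred":
            # 'preferred' accepts both TLS and plaintext client connections.
            findings.append((gid, "WARN", "TLS optional; plaintext clients still accepted"))
        else:
            findings.append((gid, "PASS", "in-transit encryption enabled"))
    return findings


def non_compliant(response):
    """IDs of groups that do not pass the rule, sorted for stable reporting."""
    return sorted(g for g, status, _ in audit_transit_encryption(response) if status != "PASS")


if __name__ == "__main__":
    for gid, status, detail in audit_transit_encryption(SAMPLE):
        print(f"{status:4} {gid}: {detail}")
```

Feed it the JSON from the CLI call in place of `SAMPLE` to check real replication groups.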

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.