Best practice rules for Amazon ElastiCache
Amazon ElastiCache is a service for a distributed in-memory cache in the cloud. It provides a high-performance, scalable, and cost-effective caching solution. Memcached or Redis cache engine software are available.
Trend Micro Cloud One™ – Conformity monitors Amazon ElastiCache with the following rules:
- ElastiCache Cluster Default Port
Ensure that AWS ElastiCache clusters aren't using their default endpoint ports.
- ElastiCache Cluster In VPC
Ensure Amazon ElastiCache clusters are deployed into a Virtual Private Cloud (VPC)
- ElastiCache Desired Node Type
Ensure that all your Amazon ElastiCache cluster cache nodes are of given types.
- ElastiCache Engine Version
Ensure that your Amazon ElastiCache clusters are using the stable latest version of Redis/Memcached cache engine.
- ElastiCache Instance Generation
Ensure ElastiCache clusters are using the latest generation of nodes for cost and performance improvements.
- ElastiCache Nodes Counts
Ensure your AWS account has not reached the limit set for the number of ElastiCache cluster nodes.
- ElastiCache Redis In-Transit and At-Rest Encryption
Ensure that your AWS ElastiCache Redis clusters are encrypted in order to meet security and compliance requirements.
- ElastiCache Redis Multi-AZ
Ensure Amazon ElastiCache Redis clusters have the Multi-AZ feature enabled.
- ElastiCache Reserved Cache Node Coverage
Ensure that your Amazon ElastiCache usage is covered by ElastiCache RI reservations.
- ElastiCache Reserved Cache Node Lease Expiration In The Next 30 Days
Ensure Amazon ElastiCache Reserved Cache Nodes (RCN) are renewed before expiration.
- ElastiCache Reserved Cache Node Lease Expiration In The Next 7 Days
Ensure Amazon ElastiCache Reserved Cache Nodes (RCN) are renewed before expiration.
- ElastiCache Reserved Cache Node Payment Failed
Ensure AWS ElastiCache Reserved Node purchases have not failed.
- ElastiCache Reserved Cache Node Payment Pending
Ensure AWS ElastiCache Reserved Node purchases are not pending.
- ElastiCache Reserved Cache Node Recent Purchases
Ensure ElastiCache Reserved Cache Node purchases are regularly reviewed for cost optimization (informational).
- Idle AWS ElastiCache Nodes
Identify any idle AWS ElastiCache nodes and terminate them in order to optimize your AWS costs.
- Unused ElastiCache Reserved Cache Nodes
Ensure that your ElastiCache Reserved Cache Nodes are being utilized.