Ensure that your Amazon ElastiCache clusters are using the stable latest version of Redis/Memcached cache engine in order to adhere to AWS best practices, benefit from better security by having the most recent vulnerability patches, receive the latest Redis and Memcached software features and get the latest performance optimizations.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
efficiency
When running your ElastiCache clusters with the latest version of Redis/Memcached cache engine you will benefit from new features and enhancements, better performance, better memory management, bug fixes and security patches. For example, upgrading your ElastiCache Redis clusters version to 3.2.6 will get you all the improvements that come with Redis engine version 3 (data partitioning, geospatial indexing, online cluster resizing, replica scaling, etc) plus the ones added by AWS such as support for newer cache node types, in-transit and at-rest encryption, and support for HIPAA compliance. For ElastiCache Memcached clusters, upgrading the engine version to 1.4.34 will add several bug fixes, systemd service hardening, improved support for large items over 1MB and the ability to dynamically increase the amount of memory available to the engine without having to restart the cache cluster.
Audit
To determine if your AWS ElastiCache clusters are using the latest version of Redis/Memcached cache engine, perform the following:
Remediation / Resolution
To upgrade the Memcached/Redis cache engine version for your existing Amazon ElastiCache clusters, perform the following:
Note 1: ElastiCache Redis cache clusters with cluster mode enabled does not support changing engine version.Note 2: Because the Memcached engine does not support persistence, the engine version upgrade is a disruptive process which clears all cache data within the ElastiCache Memcached cluster.
References
- AWS Documentation
- Amazon ElastiCache FAQs
- Choosing an Engine: Memcached, Redis (cluster mode disabled), or Redis (cluster mode enabled)
- Determine Available Engine Versions
- ElastiCache for Memcached Versions
- ElastiCache for Redis Versions
- Upgrading Engine Versions
- Modifying an ElastiCache Cluster
- AWS Command Line Interface (CLI) Documentation
- elasticache
- describe-cache-clusters
- modify-cache-cluster
- modify-replication-group
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
for and
Get started for FREE
You are auditing:
ElastiCache Engine Version
Risk level: Medium