Use the Conformity Knowledge Base AI to help improve your Cloud Posture

ElastiCache Reserved Cache Node Lease Expiration In The Next 7 Days

Trend Micro Cloud One™ – Conformity is a continuous assurance tool that provides peace of mind for your cloud infrastructure, delivering over 750 automated best practice checks.

Risk Level: High (not acceptable risk)
Rule ID: EC-004

Ensure that your AWS ElastiCache Reserved Cache Nodes are renewed before expiration in order to get a significant discount (up to 70% when used in steady state) on the hourly charges. The renewal process consists of purchasing another ElastiCache Reserved Cache Node so that Amazon can keep charging you based on the chosen reservation term.

This rule can help you work with the AWS Well-Architected Framework.

This rule resolution is part of the Conformity Security & Compliance tool for AWS.

Cost
optimisation

With Reserved Cache Nodes (RCNs) you can optimize your Amazon ElastiCache costs based on your expected usage. Since RCNs are not renewed automatically, purchasing another reserved ElastiCache nodes before expiration will guarantee their billing at a discounted hourly rate.

Note: You can change the default threshold (seven) for the number of days before expiration on the Cloud Conformity console and set your own value (days) based on your requirements.


Audit

To determine the expiration date for your Amazon ElastiCache Reserved Cache Nodes, perform the following:

Using AWS Console

01 Login to the AWS Management Console.

02 Navigate to ElastiCache dashboard at https://console.aws.amazon.com/elasticache/.

03 In the left navigation panel, under ElastiCache Dashboard, choose Reserved Cache Nodes.

04 Open the dashboard Show/Hide Columns dialog box by clicking the configuration icon from the right menu:

Open the dashboard Show/Hide Columns dialog box by clicking the configuration icon from the right menu

05 Inside the Show/Hide Columns dialog box, select Remaining Days checkbox then click Save to apply the changes.

06 Select the Reserved Cache Node (RCN) that you want to examine and verify the value listed for the selected resource in the Remaining Days column. If the number of days displayed in this column is less than 7, the selected AWS ElastiCache RCN is about to expire, therefore it must be renewed to keep it running at the current discounted hourly rate.

07 Repeat step no. 6 to determine the expiration date for other ElastiCache Reserved Cache Nodes provisioned in the current region.

08 Change the AWS region from the navigation bar and repeat the process for the other regions.

Using AWS CLI

01 Run describe-reserved-cache-nodes command (OSX/Linux/UNIX) using custom query filters to list the unique identifiers of all ElastiCache RCNs available in the selected AWS region:

aws elasticache describe-reserved-cache-nodes
	--region us-east-1
	--output table
	--query 'ReservedCacheNodes[*].ReservedCacheNodeId'

02The command output should return a table with the requested RCN customer-specified identifiers:

------------------------
| ReservedCacheNodeIds |
+----------------------+
| MyMemcachedRCN-001   |
| MyMemcachedRCN-002   |
| MyMemcachedRCN-003   |
+----------------------+

03 Run again describe-reserved-cache-nodes command (OSX/Linux/UNIX) using your ElastiCache RCN identifier returned at the previous step with the necessary query filtering to expose the date when the selected node was purchased and the reservation duration (the commitment term in seconds) in order to determine its expiration date:

aws elasticache describe-reserved-cache-nodes
	--region us-east-1
	--reserved-cache-node-id MyMemcachedRCN-001
	--query 'ReservedCacheNodes[*].[StartTime,Duration]'

04 The command output should return the date (timestamp) at which the reservation started and the commitment term in seconds (31536000 for 1 year, 94608000 for 3 years):

[
    "2015-10-14T11:53:08.031Z",
    94608000
]

Based on the timestamp and duration values returned, determine the number of days remained until the reservation expires. If the number of days remained is less than 7, the selected ElastiCache Reserved Cache Node is about to expire, therefore it must be renewed to maintain the current Amazon ElastiCache discount rate.

05 Repeat step no. 3 and 4 to determine the expiration date for other ElastiCache Reserved Cache Nodes provisioned in the current region.

06 Change the AWS region by updating the --region command parameter value and repeat steps no. 1 - 5 to perform the audit process for other regions.

Remediation / Resolution

To renew the ElastiCache Reserved Cache Nodes before their reservation expire, you need to repurchase them using the same configuration attributes (region, node type, term, etc). To renew your existing ElastiCache RCNs in order to avoid On-Demand rates charges when the current reservation expires, perform the following:

Using AWS Console

01 Login to the AWS Management Console.

02 Navigate to ElastiCache dashboard at https://console.aws.amazon.com/elasticache/.

03 In the left navigation panel, under ElastiCache Dashboard, choose Reserved Cache Nodes.

04 Select the ElastiCache Reserved Cache Node that you want to renew and note its configuration attributes (i.e. product description, node type, term, offering type and reserved node ID).

05 Click Purchase Reserved Node button from the dashboard top menu to start the purchasing process.

06 In the Purchase Reserved Nodes dialog box, perform the following actions:

  1. From Product Description dropdown list, select the in-memory cache engine used by the ElastiCache RCN that you want to renew.
  2. From Node Type dropdown list, choose the cache node type (e.g. cache.m3.large).
  3. From Term dropdown list, select the length of time for the new reservation based on your requirements.
  4. From Offering Type dropdown list, choose the preferred offering type (e.g. Heavy Utilization).
  5. In the Reserved Node ID box, type the ElastiCache Reserved Cache Node identifier that you want to renew (repurchase).
  6. In the Number of Nodes box type 1.
  7. Click Next to continue the process.

07 In the Purchase Reserved Nodes summary section, verify the cache node configuration information then click Purchase Now to repurchase your reserved ElastiCache node.

08 Repeat steps no. 4 - 7 to renew (repurchase) other ElastiCache Reserved Cache Nodes that are about to expire, available in the current region.

09 Change the AWS region from the navigation bar and repeat the process for other regions.

Using AWS CLI

01 Before you repurchase your ElastiCache Reserved Cache Node run describe-reserved-cache-nodes-offerings command (OSX/Linux/UNIX) to get the pricing details and information about available ElastiCache RCN offerings. Use the command parameters provided in the following example to match the specifications of the RCN that you want to renew (repurchase):

aws elasticache describe-reserved-cache-nodes-offerings
	--region us-east-1
	--cache-node-type cache.m3.large
	--duration 94608000
	--product-description memcached
	--offering-type "Heavy Utilization"

02 The command output should return the requested offering(s) information (pricing and configuration details):

{
    "ReservedCacheNodesOfferings": [
        {
            "OfferingType": "Heavy Utilization",
            "FixedPrice": 673.0,
            "ReservedCacheNodesOfferingId":
            "737a1dd9-85c9-403b-b4fb-b62cbc1e7353",
            "UsagePrice": 0.0,
            "RecurringCharges": [
                {
                    "RecurringChargeAmount": 0.047,
                    "RecurringChargeFrequency": "Hourly"
                }
            ],
            "ProductDescription": "memcached",
            "Duration": 94608000,
            "CacheNodeType": "cache.m3.large"
        }
    ]
}

03 Run purchase-reserved-cache-nodes-offering command (OSX/Linux/UNIX) to purchase an ElastiCache Reserved Cache Node based on the offering information returned at the previous step. The following command example repurchase a reserved ElastiCache node with the identifier MyMemcachedRCN-001:

aws elasticache purchase-reserved-cache-nodes-offering
	--region us-east-1
	--reserved-cache-node-id MyMemcachedRCN-001
	--cache-node-count 1

04 The command output should return the new ElastiCache RCN metadata:

{
    "ReservedCacheNode": [
        {
            "ReservedCacheNodeId": MyMemcachedRCN-001,
            "ReservedCacheNodesOfferingId":
            "737a1dd9-85c9-403b-b4fb-b62cbc1e7353",
            "CacheNodeType": "cache.m3.large",
            "StartTime ": "2016-10-09T14:37:05.000Z",
            "Duration": 94608000,
            "FixedPrice": 673.0,
            "UsagePrice": 0.0,
            "CacheNodeCount": 1,
            "ProductDescription": "memcached",
            "OfferingType": "Heavy Utilization",
            "RecurringCharges": [
                {
                    "RecurringChargeAmount": 0.047,
                    "RecurringChargeFrequency": "Hourly"
                }
            ],
            "State": "payment-pending"
        }
    ]
}

05 Repeat steps no. 1 - 4 to renew (repurchase) other ElastiCache Reserved Cache Nodes that are about to expire, available in the current region.

06 Change the AWS region by updating the --region command parameter value and repeat steps no. 1 - 5 to perform the entire process for other regions.

References

Publication date Oct 27, 2016

Unlock the Remediation Steps


Free 30-day Trial

Automatically audit your configurations with Conformity
and gain access to our cloud security platform.

Confirmity Cloud Platform

No thanks, back to article

You are auditing:

ElastiCache Reserved Cache Node Lease Expiration In The Next 7 Days

Risk Level: High