Detections
Analytics

Ensure memcached elasticache engines are not in use in AWS PCI-DSS environments for AWS ElastiCache clusters

HIGH

Description

AWS ElastiCache clusters use memcached elasticache engines in AWS PCI-DSS environments.

Remediation

Amazon ElastiCache for Redis has achieved the Payment Card Industry Data Security Standard (PCI DSS). This means that you can now use ElastiCache for Redis for low-latency and high-throughput in-memory processing of sensitive payment card data, such as Customer Cardholder Data (CHD). ElastiCache for Redis is a Redis-compatible, fully-managed, in-memory data store and caching service in the cloud. It delivers sub-millisecond response times with millions of requests per second. Use AWS ElastiCache for Redis instead.

References:
https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/elasticache-compliance.html#elasticache-compliance-pci
https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/memcached-compliance.html

Policy Details

Rule Reference ID: AC_AWS_0103
CSP: AWS
Remediation Available: Yes
Domain: Compliance Validation
Resource: aws_elasticache_cluster
Resource Category: Database
Resource Type: ElastiCache

Frameworks