Ensure multi-az is configured for AWS ElastiCache Clusters

MEDIUM

Description

Multi-availability zone architecture can provide redundancy for a more resilient Redis infrastructure. ElastiCache instances can be configured in clusters that cross availability zones. For more information, see the AWS documentation.
References:
https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/AutoFailover.html

Remediation

In AWS Console -

Sign in to the AWS Console and open the ElastiCache console.
Select the Region.
In the navigation pane, choose the engine running on the cluster that you want to modify.
Select Actions and then select Modify.
Change the Multi-AZ setting to enabled.
Select Apply Immediately check box and Click Modify.

In Terraform -

In the aws_elasticache_cluster resource using Memcached, set the az_mode field to cross-az.
Set the num_cache_nodes field to a value greater than 1.

References:
https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/RegionsAndAZs.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#az_mode

Policy Details

Rule Reference ID: AC_AWS_0104

CSP: AWS

Remediation Available: Yes

Domain: Resilience

Resource: aws_elasticache_cluster

Resource Category: Database

Resource Type: ElastiCache

Frameworks

GDPR
NIST-800-171
NIST-800-53
NIST-CSF
HIPAA

Detections

Analytics