Ensure automatic backups are enabled for AWS ElastiCache Cluster

MEDIUM

Description

Backups can be configured for ElastiCache running Redis and include the metadata as well as the cluster data. Backups are stored in S3 and can be used to create a new cluster or restore an existing one. For more information on backups for ElastiCache running Redis, see the AWS documentation.
References:
https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/backups.html

Remediation

In AWS Console -

  1. Sign in to the AWS Console and open the ElastiCache console.
  2. Select the Region.
  3. In the navigation pane, choose the engine running on the cluster that you want to modify.
  4. Select Actions and then select Modify.
  5. Set Enable Automatic Backups to enabled.
  6. Select the Apply Immediately check box and click Modify.

In Terraform -

  1. In the aws_elasticache_cluster resource using Redis, set the snapshot_retention_limit field to a positive numeric value.
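
One way to check this setting before apply, as an added example (not part of the original page and not the rule's own implementation): it reads JSON in the shape produced by `terraform show -json` and reports Redis clusters whose snapshot_retention_limit is unset or 0. The plan content and resource names are constructed for illustration.

```python
import json

# Constructed sample, shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "aws_elasticache_cluster.no_backup", "type": "aws_elasticache_cluster",
     "values": {"engine": "redis", "snapshot_retention_limit": 0}},
    {"address": "aws_elasticache_cluster.backed_up", "type": "aws_elasticache_cluster",
     "values": {"engine": "redis", "snapshot_retention_limit": 7}},
    {"address": "aws_elasticache_cluster.memcached", "type": "aws_elasticache_cluster",
     "values": {"engine": "memcached", "snapshot_retention_limit": null}}
  ],
  "child_modules": [{"address": "module.cache", "resources": [
    {"address": "module.cache.aws_elasticache_cluster.unset", "type": "aws_elasticache_cluster",
     "values": {"engine": "redis", "snapshot_retention_limit": null}}
  ]}]
}}}
""")


def iter_resources(module):
    """Yield every resource in a module and, recursively, in its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def clusters_without_backups(plan):
    """Return addresses of Redis clusters whose snapshot_retention_limit is not positive."""
    root = plan.get("planned_values", {}).get("root_module", {})
    failing = []
    for res in iter_resources(root):
        values = res.get("values") or {}
        if res.get("type") != "aws_elasticache_cluster" or values.get("engine") != "redis":
            continue  # the remediation on this page covers Redis clusters only
        # An unset field may be null or absent in the plan; treat both like 0 (backups off).
        if (values.get("snapshot_retention_limit") or 0) <= 0:
            failing.append(res["address"])
    return failing


if __name__ == "__main__":
    for address in clusters_without_backups(SAMPLE_PLAN):
        print(f"automatic backups disabled: {address}")
```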

References:
https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/backups.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster#snapshot_retention_limit

Policy Details

Rule Reference ID: AC_AWS_0436
CSP: AWS
Remediation Available: Yes
Resource Category: Database
Resource Type: ElastiCache

Frameworks