HIGH
Source
Trivy
ID
AVD-AWS-0045

Elasticache Replication Group stores unencrypted data at-rest.

Data stored within an Elasticache replication node should be encrypted to ensure sensitive data is kept private.

Impact

At-rest data in the Replication Group could be compromised if accessed.

Follow the appropriate remediation steps below to resolve the issue.

Enable at-rest encryption for replication group

1
2
3
4
5
6
resource "aws_elasticache_replication_group" "good_example" {
  replication_group_id = "foo"
  replication_group_description = "my foo cluster"
  
  at_rest_encryption_enabled = true
}