Elasticache Replication Group stores unencrypted data at-rest.
Data stored within an Elasticache replication node should be encrypted to ensure sensitive data is kept private.
Impact
At-rest data in the Replication Group could be compromised if accessed.
Recommended Actions
Follow the appropriate remediation steps below to resolve the issue.
Enable at-rest encryption for replication group
1
2
3
4
5
6
7
|
resource "aws_elasticache_replication_group" "good_example" {
replication_group_id = "foo"
replication_group_description = "my foo cluster"
at_rest_encryption_enabled = true
}
|
Links