AWS-ElastiCache-memcache-associated-with-deafault-VPC

Severity: Low

Description: This control ensures that AWS ElastiCache Redis clusters are not associated with the default VPC. ElastiCache provides a high-performance, scalable, and cost-effective caching solution. At the same time, it helps remove the complexity associated with deploying and managing a distributed cache environment. You choose the subnet group (VPC) in which to create the ElastiCache cluster at the time of creation.

Remediation Steps:

Perform the following to change the subnet for an ElastiCache cluster:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com.

  2. Step 1: Back up the ElastiCache Redis cluster

    1. Navigate to the ElastiCache console.

    2. In the navigation pane, choose Memcached.

    3. Choose the box to the left of the name of the Redis cluster you want to back up.

    4. In the Actions dropdown, choose Backup.

  3. Step 2: Delete the ElastiCache Memcached cluster

    1. In the navigation pane, choose Memcached.

    2. Choose the box to the left of the name of the Memcached cluster you want to delete.

    3. In the Actions dropdown, choose Delete.

  4. Step 3: Restore the Backup

    1. In the navigation pane, choose Backups.

    2. Select the backup you want to restore.

    3. Click the Restore button.

    4. In the Restore Cluster window, ensure that Choose a Subnet group is set to a subnet group not associated with the default VPC.

Important:

  • Changing the subnet group is only available while creating the ElastiCache Memcached cluster. To modify the subnet group, first back up the ElastiCache Memcached cluster and delete the misconfigured ElastiCache Memcached cluster. After this operation, restore the backup with modified port. After restoring the cluster, application changes might be required for the application to point to the new cluster endpoint.
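
To list the clusters this control flags, and to confirm after the restore that none remain, the check can be scripted. The following is an added example, not part of the original control text: it joins each cluster's subnet group to its VPC and reports those whose VPC is marked default. The function names, the sample resource names and the use of boto3 in `collect` are assumptions of this example.

```python
"""Flag ElastiCache clusters whose subnet group belongs to a default VPC."""


def default_vpc_clusters(clusters, subnet_groups, vpcs, engine="memcached"):
    """Return (cluster id, subnet group, VPC id) for each cluster in a default VPC.

    Arguments are the CacheClusters, CacheSubnetGroups and Vpcs lists returned by
    describe-cache-clusters, describe-cache-subnet-groups and describe-vpcs.
    Pass engine=None to check every engine.
    """
    default_vpcs = {v["VpcId"] for v in vpcs if v.get("IsDefault")}
    group_vpc = {g["CacheSubnetGroupName"]: g["VpcId"] for g in subnet_groups}
    findings = []
    for c in clusters:
        if engine and c.get("Engine") != engine:
            continue
        group = c.get("CacheSubnetGroupName")  # absent for clusters outside a VPC
        vpc_id = group_vpc.get(group)
        if vpc_id in default_vpcs:
            findings.append((c["CacheClusterId"], group, vpc_id))
    return findings


def collect(region):
    """Fetch the three lists for one region (needs boto3 and read-only credentials)."""
    import boto3  # imported here so the check itself runs without AWS access
    ec = boto3.client("elasticache", region_name=region)
    ec2 = boto3.client("ec2", region_name=region)

    def pages(client, op, key):
        return [x for p in client.get_paginator(op).paginate() for x in p[key]]

    return (pages(ec, "describe_cache_clusters", "CacheClusters"),
            pages(ec, "describe_cache_subnet_groups", "CacheSubnetGroups"),
            pages(ec2, "describe_vpcs", "Vpcs"))


# Constructed sample data in the shape of the API responses (not real resources).
SAMPLE_VPCS = [{"VpcId": "vpc-0default", "IsDefault": True},
               {"VpcId": "vpc-0custom", "IsDefault": False}]
SAMPLE_GROUPS = [{"CacheSubnetGroupName": "default", "VpcId": "vpc-0default"},
                 {"CacheSubnetGroupName": "app-private", "VpcId": "vpc-0custom"}]
SAMPLE_CLUSTERS = [
    {"CacheClusterId": "sessions-mc", "Engine": "memcached", "CacheSubnetGroupName": "default"},
    {"CacheClusterId": "catalog-mc", "Engine": "memcached", "CacheSubnetGroupName": "app-private"},
    {"CacheClusterId": "queue-redis", "Engine": "redis", "CacheSubnetGroupName": "default"},
]

if __name__ == "__main__":
    for cid, group, vpc in default_vpc_clusters(SAMPLE_CLUSTERS, SAMPLE_GROUPS, SAMPLE_VPCS):
        print(f"{cid}: subnet group {group!r} is in default VPC {vpc}")
```

Against a live account, call `default_vpc_clusters(*collect("<region>"))` once per region in use; an empty list means no cluster of the selected engine sits in a default VPC there.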


Blue Hexagon Proprietary