Ensure AWS ElastiCache Redis cluster with Multi-AZ Automatic Failover feature set to enabled

Error: AWS ElastiCache Redis cluster with Multi-AZ Automatic Failover feature set to disabled

Bridgecrew Policy ID: BC_AWS_GENERAL_185
Checkov Check ID: CKV2_AWS_50
Severity: MEDIUM

Description

This policy identifies ElastiCache Redis clusters that have the Multi-AZ Automatic Failover feature disabled. It is recommended to enable Multi-AZ Automatic Failover for your Redis cache cluster: it improves primary node reachability by providing a read replica for read/write operations in case of network connectivity loss or loss of availability in the primary's Availability Zone.

Note: Redis cluster Multi-AZ with automatic failover does not support T1 and T2 cache node types and is only available if the cluster has at least one read replica.

Fix - Buildtime

Terraform

resource "aws_elasticache_replication_group" "pass" {
  automatic_failover_enabled  = true
  preferred_cache_cluster_azs = ["us-west-2a", "us-west-2b"]
  replication_group_id        = "tf-rep-group-1"
  description                 = "example description"
  node_type                   = "cache.m4.large"
  num_cache_clusters          = 2
  parameter_group_name        = "default.redis3.2"
  port                        = 6379
}
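
The following is an added example, not Checkov's or Bridgecrew's own implementation: a Python audit of `terraform show -json` plan output that flags replication groups with automatic failover disabled and also checks the two preconditions from the Note above. The function names and the sample plan are constructed for illustration, and the replica count is assumed to be expressed through num_cache_clusters, as in the Terraform resource above.

```python
import json

# Constructed sample in the shape of `terraform show -json` output (planned_values).
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "aws_elasticache_replication_group.pass",
     "type": "aws_elasticache_replication_group",
     "values": {"automatic_failover_enabled": true,
                "node_type": "cache.m4.large", "num_cache_clusters": 2}},
    {"address": "aws_elasticache_replication_group.fail",
     "type": "aws_elasticache_replication_group",
     "values": {"automatic_failover_enabled": false,
                "node_type": "cache.m4.large", "num_cache_clusters": 2}}],
  "child_modules": [{"resources": [
    {"address": "module.cache.aws_elasticache_replication_group.t2",
     "type": "aws_elasticache_replication_group",
     "values": {"automatic_failover_enabled": true,
                "node_type": "cache.t2.micro", "num_cache_clusters": 1}}]}]}}}
""")

def walk(module):
    """Yield every resource in a module and its nested child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk(child)

def audit(plan):
    """Return {address: [findings]} for replication groups that need attention."""
    report = {}
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in walk(root):
        if res.get("type") != "aws_elasticache_replication_group":
            continue
        v, findings = res.get("values", {}), []
        if v.get("automatic_failover_enabled") is not True:
            findings.append("automatic failover disabled")
        # Preconditions from the Note: no T1/T2 node types, at least one replica.
        # Assumption: replica count is given by num_cache_clusters (primary + replicas).
        if str(v.get("node_type", "")).startswith(("cache.t1.", "cache.t2.")):
            findings.append("T1/T2 node type does not support automatic failover")
        if (v.get("num_cache_clusters") or 0) < 2:
            findings.append("no read replica (num_cache_clusters < 2)")
        if findings:
            report[res["address"]] = findings
    return report

if __name__ == "__main__":
    for address, findings in audit(SAMPLE_PLAN).items():
        print(address, "->", "; ".join(findings))
```

To audit a real plan, pass the parsed output of `terraform show -json` to audit() in place of the constructed sample.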