Data security in Amazon ElastiCache

To help keep your data secure, Amazon ElastiCache and Amazon EC2 provide mechanisms to guard against unauthorized access of your data on the server.

Amazon ElastiCache for Redis also provides optional encryption features for data on clusters running Redis versions 3.2.6 (scheduled for EOL, see Redis versions end of life schedule), 4.0.10 or later:

In-transit encryption encrypts your data whenever it is moving from one place to another, such as between nodes in your cluster or between your cluster and your application.
At-rest encryption encrypts your on-disk data during sync and backup operations.

If you want to enable in-transit or at-rest encryption, you must meet the following conditions.

Your cluster or replication group must be running Redis 3.2.6, 4.0.10 or later.
Your cluster or replication group must be created in a VPC based on Amazon VPC.
At-rest encryption encrypts your on-disk data during sync and backup operations.

If you want to enable in-transit or at-rest encryption, you must meet the following conditions.

Your cluster or replication group must be running Redis 3.2.6, 4.0.10 or later.
Your cluster or replication group must be created in a VPC based on Amazon VPC.
Optionally, you can also use AUTH and the AUTH token (password) needed to perform operations on this cluster or replication group.

ElastiCache for Redis Security Diagram

Topics

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Data protection

In-transit encryption (TLS)