ElastiCache Without VPC

• Query id: ba766c53-fe71-4bbb-be35-b6803f2ef13e
• Query name: ElastiCache Without VPC
• Platform: CloudFormation
• Severity: Low
• Category: Networking and Firewall
• URL: Github

Description

ElastiCache should be launched in a Virtual Private Cloud (VPC)
Documentation

Code samples

Code samples with security vulnerabilities

Postitive test num. 1 - yaml file

Resources:
  ElasticacheCluster:
    Type: 'AWS::ElastiCache::CacheCluster'
    Properties:    
      Engine: memcached
      CacheNodeType: cache.t2.micro
      NumCacheNodes: '1'

Postitive test num. 2 - json file

{
  "Resources": {
    "ElasticacheCluster": {
      "Type": "AWS::ElastiCache::CacheCluster",
      "Properties": {
          "CacheNodeType": "cache.m3.medium",
          "Engine": "memcached",
          "NumCacheNodes": "1"
      }
   }
  }
}

Code samples without security vulnerabilities

Negative test num. 1 - yaml file

Resources:
  ElasticacheCluster:
    Type: 'AWS::ElastiCache::CacheCluster'
    Properties:    
      Engine: memcached
      CacheNodeType: cache.t2.micro
      NumCacheNodes: '1'
      CacheSubnetGroupName: default

Negative test num. 2 - json file

{
  "Resources": {
    "ElasticacheCluster": {
      "Type": "AWS::ElastiCache::CacheCluster",
      "Properties": {
          "CacheNodeType": "cache.m3.medium",
          "Engine": "memcached",
          "NumCacheNodes": "1",
          "CacheSubnetGroupName": "default"
      }
   }
  }
}