ElastiCache Redis Cluster Without Backup

  • Query id: e93bbe63-a631-4c0f-b6ef-700d48441ff2
  • Query name: ElastiCache Redis Cluster Without Backup
  • Platform: Pulumi
  • Severity: Medium
  • Category: Backup
  • URL: Github

Description

ElastiCache Redis cluster should have 'snapshotRetentionLimit' higher than 0
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:elasticache:Cluster
    properties:
      engine: redis
      snapshotRetentionLimit: 0
---
name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:elasticache:Cluster
    properties:
      engine: redis

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:elasticache:Cluster
    properties:
      engine: redis
      snapshotRetentionLimit: 5
---
name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:elasticache:Cluster
    properties:
      engine: memcached