ElastiCache Nodes Not Created Across Multi AZ

• Query id: 9b18fc19-7fb8-49b1-8452-9c757c70f926
• Query name: ElastiCache Nodes Not Created Across Multi AZ
• Platform: Pulumi
• Severity: Medium
• Category: Availability
• CWE: 284
• URL: Github

Description

ElastiCache Nodes should be created across multi az, which means 'AZMode' should be set to 'cross-az' in multi nodes cluster
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file

name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:elasticache:Cluster
    properties:
      engine: memcached
      numCacheNodes: 2
      azMode: single-az
---
name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:elasticache:Cluster
    properties:
      engine: memcached
      numCacheNodes: 2

Code samples without security vulnerabilities

Negative test num. 1 - yaml file

name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:elasticache:Cluster
    properties:
      engine: memcached
      numCacheNodes: 2
      azMode: cross-az
---
name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:elasticache:Cluster
    properties:
      engine: memcached
      numCacheNodes: 1