Risk Level: Low
Cloud Entity: Amazon ElastiCache
CloudGuard Rule ID: D9.AWS.CRY.25.PCI
Covered by Spectral: Yes
ElastiCache should not have engine='memcached'
The AWS PCI DSS Compliance program only includes Amazon ElastiCache for Redis as a PCI-compliant service. So it is recommended not to use memcached engines. Use below steps from AWS console to validate Memcached is not used in AWS PCI DSS environments.
- For each PCI-DSS environment, login to AWS console.
- Go to Amazon ElastiCache service: https://us-east-1.console.aws.amazon.com/elasticache.
- In the left navigation panel, click on 'Memcached clusters' and validate if there is no cluster created/used in that PCI-DSS environment.
From Command Line
Use below command to ensure there is no Memcached cluster available in your PCI-DSS environment.
aws elasticache describe-cache-clusters
Amazon ElastiCache offers fully managed Redis and Memcached. Seamlessly deploy, operate, and scale popular open source compatible in-memory data stores. Build data-intensive apps or improve the performance of your existing apps by retrieving data from high throughput and low latency in-memory data stores. Amazon ElastiCache is a popular choice for Gaming, Ad-Tech, Financial Services, Healthcare, and IoT apps.
- AWS CloudGuard Well Architected Framework
- AWS PCI-DSS 3.2
- AWS PCI-DSS 4.0
- CloudGuard AWS All Rules Ruleset
Updated 3 months ago