v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Powerpipe Hub 
Hub
Mods
turbot/aws_compliance
Overview
32Dashboards
1295Controls
585Queries
4Variables
GitHub

Control: 1 ElastiCache for Redis clusters should have automatic backups scheduled

Description

This control evaluates if Amazon ElastiCache for Redis clusters have automatic backup scheduled. The control fails if the SnapshotRetentionLimit for the Redis cluster is less than 1.

Amazon ElastiCache for Redis clusters can back up their data. You can use the backup to restore a cluster or seed a new cluster. The backup consists of the cluster's metadata, along with all of the data in the cluster. All backups are written to Amazon Simple Storage Service (Amazon S3), which provides durable storage. You can restore your data by creating a new Redis cluster and populating it with data from a backup. You can manage backups using the AWS Management Console, the AWS Command Line Interface (AWS CLI), and the ElastiCache API.

Remediation

For information about scheduling automatic backups, see Scheduling Automatic Backups in the Amazon ElastiCache User Guide.

Usage

Run the control in your terminal:

powerpipe control run aws_compliance.control.foundational_security_elasticache_1

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_compliance.control.foundational_security_elasticache_1 --share

SQL

This control uses a named query:

elasticache_redis_cluster_automatic_backup_retention_15_days

Tags

aws_foundational_security = true
category = Compliance
foundational_security_category = backups_enabled
foundational_security_item_id = elasticache_1
plugin = aws
service = AWS/ElastiCache