ElastiCache clusters should not use the default subnet group

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Description

This assessment verifies ElastiCache clusters are configured with a custom subnet group. The assessment will not pass for an ElastiCache cluster if the CacheSubnetGroupName is set to default.

When initiating an ElastiCache cluster, a default subnet group is automatically generated if one does not already exist. This default group utilizes subnets from the default Virtual Private Cloud (VPC). It is advised to utilize custom subnet groups that give more control over the subnets in which the cluster is located and the networking inherited from those subnets.

Remediation

For guidance on establishing a new subnet group for an ElastiCache cluster, please refer to the Creating a subnet group section in the Amazon ElastiCache User Guide.

PREVIEWING: may/unit-testing