AWS ElastiCache Redis Cluster Auto Minor Version Upgrade is not enabled
- Contextual name: Redis Cluster Auto Minor Version Upgrade is not enabled
- ID: /ce/ca/aws/elasticache/redis-cluster-auto-minor-version-upgrade
- Tags:
  - Policy with categories
  - Policy with type
  - Production policy
- Policy Type: COMPLIANCE_POLICY
- Policy Categories: RELIABILITY
Logic
- prod.logic.yaml
Description
This policy identifies AWS ElastiCache for Redis clusters where the Auto Minor Version Upgrade feature is not enabled.
When enabled, this setting ensures that clusters automatically apply minor engine upgrades, which may include new features, performance enhancements, bug fixes, and security patches released by AWS.
Rationale
Enabling auto minor version upgrades reduces manual operational effort and helps ensure that ElastiCache clusters remain secure, stable, and performant. It also minimizes the risk of exposure to known vulnerabilities and software defects.
Impact
If auto minor version upgrades are not enabled, clusters may continue running outdated software versions. This increases the risk of security vulnerabilities, performance degradation, and compatibility issues.
Enabling this feature may require a scheduled maintenance window. During the upgrade, the cluster can experience a brief service interruption. For multi-node clusters, ElastiCache performs rolling upgrades to minimize downtime.
Audit
Remediation
Enable Auto Minor Version Upgrade
From Command Line
aws elasticache modify-cache-cluster \
  --cache-cluster-id {{cluster-id}} \
  --auto-minor-version-upgrade

The --apply-immediately flag applies the change immediately; omit it to apply during the next maintenance window.
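
To find which clusters need this change, the following added example (not part of the original policy page or the Compliance Engine's own logic) evaluates `aws elasticache describe-cache-clusters` output and builds the remediation command shown above for each finding. The sample response is constructed, and the function names `find_noncompliant` and `remediation_command` are hypothetical.

```python
import json
import shlex

# Constructed sample shaped like `aws elasticache describe-cache-clusters` output.
SAMPLE_RESPONSE = json.loads("""
{
  "CacheClusters": [
    {"CacheClusterId": "orders-cache-001", "Engine": "redis",
     "EngineVersion": "6.2.6", "AutoMinorVersionUpgrade": false,
     "PreferredMaintenanceWindow": "sun:05:00-sun:06:00"},
    {"CacheClusterId": "orders-cache-002", "Engine": "redis",
     "EngineVersion": "7.0.7", "AutoMinorVersionUpgrade": true,
     "PreferredMaintenanceWindow": "sun:05:00-sun:06:00"},
    {"CacheClusterId": "session-mc", "Engine": "memcached",
     "EngineVersion": "1.6.17", "AutoMinorVersionUpgrade": false,
     "PreferredMaintenanceWindow": "mon:03:00-mon:04:00"},
    {"CacheClusterId": "legacy-cache", "Engine": "redis",
     "EngineVersion": "5.0.6"}
  ]
}
""")


def find_noncompliant(response):
    """Return Redis clusters whose AutoMinorVersionUpgrade is not true."""
    findings = []
    for cluster in response.get("CacheClusters", []):
        if cluster.get("Engine") != "redis":
            continue  # this policy only covers ElastiCache for Redis
        # A missing field is treated as not enabled (fail closed).
        if cluster.get("AutoMinorVersionUpgrade") is not True:
            findings.append(cluster)
    return findings


def remediation_command(cluster, apply_immediately=False):
    """Build the modify-cache-cluster command from this page for one finding."""
    args = ["aws", "elasticache", "modify-cache-cluster",
            "--cache-cluster-id", cluster["CacheClusterId"],
            "--auto-minor-version-upgrade"]
    if apply_immediately:
        args.append("--apply-immediately")
    return " ".join(shlex.quote(a) for a in args)


if __name__ == "__main__":
    for c in find_noncompliant(SAMPLE_RESPONSE):
        window = c.get("PreferredMaintenanceWindow", "unknown")
        print(f"{c['CacheClusterId']} (maintenance window {window})")
        print("  " + remediation_command(c))
```

By default the generated command omits `--apply-immediately`, so the change waits for the cluster's next maintenance window.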