A collection of configuration templates for Amazon ElastiCache resources, as well as security controls for monitoring and protecting Amazon ElastiCache configurations, such as Config Rules, CloudWatch Alarms, EventBridge Rules, IAM policies, and more.

ElastiCache
Amazon ElastiCache Cluster in a Default VPC with Security Group

This template creates an Amazon ElastiCache cluster in a default VPC with a security group. The cluster uses the memcached engine and has one cache node of type cache.t2.micro.

CloudFormation
Amazon ElastiCache Memcached Cluster with Nodes in Multiple Availability Zones

This template creates an ElastiCache Memcached cluster with three nodes across AZs.

CloudFormation
Amazon ElastiCache Parameter Group

This template creates an ElastiCache parameter group. The parameter group is used to configure the behavior of an ElastiCache cluster.

CloudFormation
Amazon ElastiCache Replication Group with Two Nodes

This template creates an Amazon ElastiCache replication group with two nodes. The replication group uses Redis as the engine and is configured with automatic failover enabled. It also specifies a preferred maintenance window and snapshot retention limit.

CloudFormation
Amazon ElastiCache Replication Group with Two Node Groups

This template creates an ElastiCache replication group with two node groups. Each node group has three replicas and the replication group is configured for automatic failover. The replication group uses Redis as the caching engine and has a cache node type of cache.r3.large. It also specifies a preferred maintenance window and snapshot retention limit.

CloudFormation
Amazon ElastiCache Subnet Group

This CloudFormation template creates an ElastiCache subnet group in a VPC with two subnets. The subnet group is used to specify the subnets where ElastiCache clusters can be created.

CloudFormation
Config Rule
ElastiCache Redis Cluster Automatic Backup Enabled Check

A Config rule that checks if Amazon ElastiCache Redis clusters have automatic backup turned on. The rule is NON_COMPLIANT if the SnapshotRetentionLimit for a Redis cluster is less than the SnapshotRetentionPeriod parameter.

CloudFormation, Terraform, AWS CLI
Check if ElastiCache for Redis clusters have auto minor version upgrades enabled

Checks if Amazon ElastiCache for Redis clusters have auto minor version upgrades enabled. The rule is NON_COMPLIANT for an ElastiCache cluster if it is using the Redis engine and 'AutoMinorVersionUpgrade' is not set to 'true'.

CloudFormation
Check if ElastiCache replication groups have RBAC authentication enabled

Checks if Amazon ElastiCache replication groups have RBAC authentication enabled. The rule is NON_COMPLIANT if the Redis version is 6 or above and 'UserGroupIds' is missing, empty, or does not match an entry provided by the 'allowedUserGroupIDs' parameter.

CloudFormation
Check if ElastiCache Redis replication groups have automatic failover enabled

Checks if Amazon ElastiCache Redis replication groups have automatic failover enabled. The rule is NON_COMPLIANT for an ElastiCache replication group if ‘AutomaticFailover’ is not set to ‘enabled’.

CloudFormation
Check if ElastiCache replication groups are encrypted at rest

Checks if Amazon ElastiCache replication groups have encryption-at-rest enabled. The rule is NON_COMPLIANT for an ElastiCache replication group if 'AtRestEncryptionEnabled' is disabled or if the KMS key ARN does not match the approvedKMSKeyArns parameter.

CloudFormation
Check if ElastiCache replication groups have encryption-in-transit enabled

Checks if Amazon ElastiCache replication groups have encryption-in-transit enabled. The rule is NON_COMPLIANT for an ElastiCache replication group if ‘TransitEncryptionEnabled’ is set to ‘false’.

CloudFormation
Check if ElastiCache replication groups have Redis AUTH enabled

Checks if Amazon ElastiCache replication groups have Redis AUTH enabled. The rule is NON_COMPLIANT for an ElastiCache replication group if the Redis version of its nodes is below 6 (versions 6 and above use Redis ACLs) and ‘AuthToken’ is missing, empty, or null.

CloudFormation
Check ElastiCache clusters subnet group configuration

Checks if Amazon ElastiCache clusters are configured with a custom subnet group. The rule is NON_COMPLIANT for an ElastiCache cluster if it is using a default subnet group.

CloudFormation
Check ElastiCache clusters for recommended engine version

Checks if ElastiCache clusters are running a version greater than or equal to the recommended engine version. The rule is NON_COMPLIANT if the 'EngineVersion' for an ElastiCache cluster is less than the specified recommended version for its given engine.

CloudFormation