A collection of configuration templates for Amazon ElastiCache resources, as well as security controls for monitoring and protecting Amazon ElastiCache configuration, such as Config Rules, CloudWatch Alarms, EventBridge Rules, IAM policies, and more.
This template creates an Amazon ElastiCache cluster in a default VPC with a security group. The cluster uses the memcached engine and has one cache node of type cache.t2.micro.
This template creates an ElastiCache Memcached cluster with three nodes across AZs.
This template creates an ElastiCache parameter group. The parameter group is used to configure the behavior of an ElastiCache cluster.
This template creates an Amazon ElastiCache replication group with two nodes. The replication group uses Redis as the engine and is configured with automatic failover enabled. It also specifies a preferred maintenance window and snapshot retention limit.
This template creates an ElastiCache replication group with two node groups. Each node group has three replicas and the replication group is configured for automatic failover. The replication group uses Redis as the caching engine and has a cache node type of cache.r3.large. It also specifies a preferred maintenance window and snapshot retention limit.
This CloudFormation template creates an ElastiCache subnet group in a VPC with two subnets. The subnet group is used to specify the subnets where ElastiCache clusters can be created.
Configures Redis log delivery to both CloudWatch Logs and Kinesis Firehose.
Creates an ElastiCache cluster in an AWS Outpost environment with specific subnet and outpost settings.
Configures a single shard primary with a single read replica and includes lifecycle configuration to manage changes in the number of cache clusters.
Creates a serverless Memcached cache with specified resource limits and security settings, associated with specific subnets.
Sets up a serverless Redis cache with defined storage and compute limits, daily snapshot settings, and security configurations.
Creates a global replication group with one primary and one secondary replication group across different regions.
Manages Redis engine versions across primary and secondary replication groups within a global replication group, using lifecycle policies to handle version synchronization.
Creates a single shard primary with a single read replica using Redis Cluster Mode Disabled.
Creates two shards, each with a primary and a single read replica using Redis Cluster Mode Enabled.
Creates a secondary replication group for a global replication group, including the primary replication group in a different region.
Enables Redis AUTH and in-transit encryption for a replication group.
Creates an AWS ElastiCache user for Redis with a complex access string defining specific permissions.
Creates an ElastiCache user and a user group for Redis engine with specific access permissions.
This template associates an existing ElastiCache user with an existing user group and handles changes in user IDs with lifecycle rules.
A Config rule that checks if the Amazon ElastiCache Redis clusters have automatic backup turned on. The rule is NON_COMPLIANT if the SnapshotRetentionLimit for Redis cluster is less than the SnapshotRetentionPeriod parameter.
Checks if Amazon ElastiCache for Redis clusters have auto minor version upgrades enabled. The rule is NON_COMPLIANT for an ElastiCache cluster if it is using the Redis engine and 'AutoMinorVersionUpgrade' is not set to 'true'.
Checks if Amazon ElastiCache replication groups have RBAC authentication enabled. The rule is NON_COMPLIANT if the Redis version is 6 or above and 'UserGroupIds' is missing, empty, or does not match an entry provided by the 'allowedUserGroupIDs' parameter.
Checks if Amazon ElastiCache Redis replication groups have automatic failover enabled. The rule is NON_COMPLIANT for an ElastiCache replication group if 'AutomaticFailover' is not set to 'enabled'.
Checks if Amazon ElastiCache replication groups have encryption-at-rest enabled. The rule is NON_COMPLIANT for an ElastiCache replication group if 'AtRestEncryptionEnabled' is disabled or if the KMS key ARN does not match the approvedKMSKeyArns parameter.
Checks if Amazon ElastiCache replication groups have encryption-in-transit enabled. The rule is NON_COMPLIANT for an ElastiCache replication group if 'TransitEncryptionEnabled' is set to 'false'.
Checks if Amazon ElastiCache replication groups have Redis AUTH enabled. The rule is NON_COMPLIANT for an ElastiCache replication group if the Redis version of its nodes is below 6 (versions 6+ use Redis ACLs) and 'AuthToken' is missing or is empty/null.
Checks if Amazon ElastiCache clusters are configured with a custom subnet group. The rule is NON_COMPLIANT for an ElastiCache cluster if it is using a default subnet group.
Checks if ElastiCache clusters are running a version greater than or equal to the recommended engine version. The rule is NON_COMPLIANT if the 'EngineVersion' for an ElastiCache cluster is less than the specified recommended version for its given engine.