Determine if your Amazon ElastiCache cache clusters have the desired node type(s) established by your organization, based on the workload deployed. The desired cluster node type(s) must be defined in the conformity rule settings, in your Trend Cloud One™ – Conformity account.
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
Setting limits for the node type(s) of the Amazon ElastiCache clusters provisioned in your AWS cloud account can help you to manage better your compute power, address internal compliance requirements, and prevent unexpected charges on your AWS bill.
You can also limit your Amazon ElastiCache cluster nodes to the desired node type using AWS Organizations by implementing your own Service Control Policy on the master account. A Service Control Policy (SCP) is a type of policy that you can use to manage your organization. SCPs enable you to restrict what resources, services and actions the users, groups, and roles in those AWS accounts can use.
Audit
To determine if the existing cache nodes provisioned for your Amazon ElastiCache clusters have the desired type, perform the following operations:
Remediation / Resolution
To ensure that the provisioning of your Amazon ElastiCache cache clusters is limited to desired node types only (i.e. node types alowed by your organization), perform the following operations:
Creating a support case to request cluster node type limitations using the AWS Command Line Interface (AWS CLI) is not currently supported.References
- AWS Documentation
- Amazon ElastiCache FAQs
- ElastiCache for Memcached components and features
- Redis nodes and shards
- Service control policies (SCPs)
- AWS Command Line Interface (CLI) Documentation
- describe-cache-clusters