AWS ElastiCache
ElastiCache
-
AWS managed Redis/Memcached
-
in-memory cache for read intensive applications
-
might require heavy application change
-
redis:
- multi AZ for auto failover
- read replicas to scale reads and have high availability
- data durability using AOF persistency
- backup and restore
- supports sets and sorted sets
-
memcached
- multi-node for partitioning of data (sharding)
- no high availability (replication)
- no persistent
- no backup or restore
-
security
- IAM authentication for Redis
- Redis AUTH
- security groups
- IAM policies on ElastiCache are only used for API-level security
- Memcached supports SASL-based authentication
Authenticating with AUTH command
- Using Redis AUTH command can improve data security by requiring the user to enter a password before they are granted permission to execute Redis commands on a password-protected Redis server.
- AUTH can only be enabled for encryption in-transit enabled ElastiCache clusters
- so two parameters
--transit-encryption-enabled
and--auth-token
are required
- so two parameters