跳到主要内容

AWS ElastiCache

ElastiCache

  • AWS managed Redis/Memcached

  • in-memory cache for read intensive applications

  • might require heavy application change

  • redis:

    • multi AZ for auto failover
    • read replicas to scale reads and have high availability
    • data durability using AOF persistency
    • backup and restore
    • supports sets and sorted sets
  • memcached

    • multi-node for partitioning of data (sharding)
    • no high availability (replication)
    • no persistent
    • no backup or restore
  • security

    • IAM authentication for Redis
    • Redis AUTH
    • security groups
    • IAM policies on ElastiCache are only used for API-level security
    • Memcached supports SASL-based authentication

Authenticating with AUTH command

  • Using Redis AUTH command can improve data security by requiring the user to enter a password before they are granted permission to execute Redis commands on a password-protected Redis server.
  • AUTH can only be enabled for encryption in-transit enabled ElastiCache clusters
    • so two parameters --transit-encryption-enabled and --auth-token are required