Open jdnurmi opened 1 year ago
/cc @aws-controllers-k8s/elasticache-maintainer
Issues go stale after 180d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale
.
Stale issues rot after an additional 60d of inactivity and eventually close.
If this issue is safe to close now please do so with /close
.
Provide feedback via https://github.com/aws-controllers-k8s/community.
/lifecycle stale
Issues go stale after 180d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale
.
Stale issues rot after an additional 60d of inactivity and eventually close.
If this issue is safe to close now please do so with /close
.
Provide feedback via https://github.com/aws-controllers-k8s/community.
/lifecycle stale
Is your feature request related to a problem? While transitioning our clusters to encrypted transport, a middle-step is often required - where transit encryption is enabled, but not mandatory. Fortunately, with elasticache there is a solution: "TransitEncryptionMode: preferred". This is, however, not supported by the elasticache ACK.
Describe the solution you'd like I would love to see that feature exposed - only valid if TransportEncryption: true, and with available values "required" and "preferred"; Mutable at runtime.
Describe alternatives you've considered Manually adjusting the cluster works, and because the ACK is oblivious to this knob, it's not otherwise disruptive. But it does mean bringing up a new cluster with optional encryption is a two step process (creating with ACK, modifying outside of ACK), which is less than ideal.