Open HugoPBrito opened 3 weeks ago
I used the describe_cache_clusters
method and filtered within Redis instead of describe_replication_groups
because Boto3 provides the necessary attributes only through this method.
Attention: Patch coverage is 90.24390%
with 4 lines
in your changes missing coverage. Please review.
Project coverage is 89.02%. Comparing base (
f25319f
) to head (7bcaee8
). Report is 48 commits behind head on master.
Files with missing lines | Patch % | Lines |
---|---|---|
...rs/aws/services/elasticache/elasticache_service.py | 80.00% | 4 Missing :warning: |
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Context
Redis AUTH is essential for securing access to Redis clusters by requiring a password for client commands, especially since Role-Based Access Control (RBAC) is not available in versions prior to 6.0. The control will fail if Redis AUTH is not enabled for these earlier versions, helping to enforce best practices for data security in environments where older Redis versions are still in use. For Redis versions 6.0 and later, RBAC is recommended, but this check specifically targets the need for AUTH in versions below 6.0.
Description
I have implemented a new check called
elasticache_redis_cluster_auth_enabled
to address a security concern in Amazon ElastiCache for Redis. This check ensures that replication groups running Redis versions earlier than 6.0 have Redis AUTH enabled.Checklist
License
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.