ElastiCache using default port

ID

aws_elasticache_default_port

Severity

info

Vendor

AWS

Resource

Network

Tags

reachable

Description

ElastiCache using default port, 6379 for Redis and 11211 for Memcached. An attacker can easily guess the port.

To fix it you must configure cache_port property.

Learn more about this topic at AWS Accessing ElastiCache Memcached and AWS Accessing ElastiCache Redis.

Examples

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: Basic example
      community.aws.elasticache:
        name: "test"
        state: present
        engine: memcached
        cache_engine_version: 1.4.14
        node_type: cache.m1.small
        num_nodes: 1
        cache_port: 11211
        zone: us-east-1d

Mitigation / Fix

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: Basic example
      community.aws.elasticache:
        name: "test"
        state: present
        engine: memcached
        cache_engine_version: 1.4.14
        node_type: cache.m1.small
        num_nodes: 1
        cache_port: 11222
        zone: us-east-1d
        cache_subnet_group: "subnet_group"