ElastiCache Redis clusters before version 6.0 should use Redis AUTH

Description

ElastiCache for Redis clusters before version 6.0 should use Redis AUTH

When using Redis authentication tokens or passwords, clients must provide a password before executing commands, enhancing data security. For Redis 6.0 and later, it is recommended to use Role-Based Access Control (RBAC). Since RBAC is not available in versions earlier than 6.0, this guideline only applies to those versions that cannot utilize the RBAC feature.

Remediation

Follow the Authenticating with the Redis OSS AUTH command documentation to learn how to enable Redis AUTH.