Menu
Amazon ElastiCache for Redis
ElastiCache for Redis User Guide (API Version 2015-02-02)

ElastiCache for Redis Compliance

In this section, you can find the compliance requirements and controls offered when using Amazon ElastiCache for Redis.

ElastiCache for Redis HIPAA Compliance

The AWS HIPAA Compliance program includes Amazon ElastiCache for Redis as a HIPAA Eligible Service.

In order to use ElastiCache for Redis in compliance with the HIPAA, in addition to executing the Business Associate Agreement (BAA) with AWS, your cluster and nodes within the cluster must satisfy the requirements for engine version, node type, and data security requirements listed here.

To enable HIPAA support on your ElastiCache for Redis cluster, your cluster and nodes within the cluster must satisfy the following requirements.

Requirements

By implementing these requirements, ElastiCache for Redis can be used to store, process, and access Protected Health Information (PHI) in compliance with HIPAA.

For general information about AWS Cloud and HIPAA compliance, see the following:

ElastiCache for Redis PCI DSS Compliance

The AWS PCI DSS Compliance program includes Amazon ElastiCache for Redis as a PCI-compliant service. The PCI DSS 3.2 Compliance Package can be downloaded through AWS Artifact at https://aws.amazon.com/artifact/. For more information, see AWS PCI DSS Compliance Program.

Requirements

ElastiCache for Redis also offers Data Security Controls to further secure the cluster to store, process and transmit sensitive financial data like Customer Cardholder Data (CHD) when using the service.

Create and Seed a New Compliant Cluster

To create a compliant cluster, create a new cluster making sure your choices fulfill the requirements for the compliance you want—engine version, node type, encryption, and if needed FIPS endpoints. If you choose, you can seed a new compliant cluster with data from an existing cluster as you're creating it. For more information, see:

More Information

For general information about AWS Cloud compliance, see the following: