AWS Security ChangesHomeSearch

AWS AmazonElastiCache documentation change

Service: AmazonElastiCache · 2025-06-07 · Documentation low

File: AmazonElastiCache/latest/dg/Clusters.RBAC.md

Summary

Updated RBAC documentation with specifics about Valkey/Redis user group authentication requirements

Security assessment

Clarifies security controls around authentication mechanisms but does not address a specific vulnerability

Diff

diff --git a/AmazonElastiCache/latest/dg/Clusters.RBAC.md b/AmazonElastiCache/latest/dg/Clusters.RBAC.md
index a594a1fd7..e357dc4ce 100644
--- a//AmazonElastiCache/latest/dg/Clusters.RBAC.md
+++ b//AmazonElastiCache/latest/dg/Clusters.RBAC.md
@@ -30 +30 @@ RBAC is designed to support the introduction of [ACL](https://valkey.io/topics/a
-  * When using RBAC with Valkey, you can associate roles with both Valkey and Redis OSS caches. This is because a Valkey cluster can contain both Valkey and Redis OSS caches. 
+  * A user group configured for the "VALKEY" engine can only contain users who are using an authentication mechanism (either password or IAM). This means all users with the engine "VALKEY", and any other users with the engine "Redis" who have their setup configured to authenticate with password or IAM, can be in this user group.
@@ -32 +32,3 @@ RBAC is designed to support the introduction of [ACL](https://valkey.io/topics/a
-  * When using RBAC with Redis OSS, roles can only be applied to Redis OSS caches.
+  * When using RBAC with Valkey clusters, both user groups with engine "VALKEY" and with engine "REDIS" can be used.
+
+  * When using RBAC with Redis OSS clusters, only user groups with the engine "REDIS" can be used.