Posted On: May 8, 2024

Today, Amazon MemoryDB launched two new condition keys for IAM policies that enable you to control user authentication and encryption in transit settings during cluster creation. The new condition keys let you create IAM policies or Service Control Policies (SCPs) to enhance security and meet compliance requirements.

The first condition key, memorydb:TLSEnabled, enables you to require a specific encryption in transit setting in your Amazon Web Services accounts. For example, you can use the new memorydb:TLSEnabled condition key to enforce that MemoryDB clusters can only be created with encryption in transit enabled. The second condition key, memorydb:UserAuthenticationMode, enables you to enforce that MemoryDB users have a specific user authentication setting. For example, you can use the new memorydb:UserAuthenticationMode condition key to require that MemoryDB users have IAM authentication enabled. Amazon MemoryDB condition keys are now available in all Amazon Web Services Regions where MemoryDB is generally available, including the Amazon Web Services China (Beijing) Region, operated by Sinnet, and the Amazon Web Services China (Ningxia) Region, operated by NWCD.
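A Service Control Policy that applies both condition keys as described above, as an added example that is not part of the original announcement. The action names memorydb:CreateCluster and memorydb:CreateUser, the authentication value iam, and the Sid labels are assumptions taken from the MemoryDB API rather than from this page.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "DenyClusterWithoutTLS",
      "Effect": "Deny",
      "Action": "memorydb:CreateCluster",
      "Resource": "*",
      "Condition": {
        "Bool": {
          "memorydb:TLSEnabled": "false"
        }
      }
    },
    {
      "Sid": "DenyNonIamUserCreation",
      "Effect": "Deny",
      "Action": "memorydb:CreateUser",
      "Resource": "*",
      "Condition": {
        "StringNotEqualsIgnoreCase": {
          "memorydb:UserAuthenticationMode": "iam"
        }
      }
    }
  ]
}
```

Both statements are explicit denies, so they only restrict: principals still need an Allow for these actions in their identity policies. If you extend the second statement to other user actions where the authentication mode may be omitted from the request, use the IfExists form of the operator so that requests without the key are not denied.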