AWS ElastiCache Redis cluster at-rest encryption can be set only at the time of the creation of the cluster. To fix this issue, create a new cluster with at-rest encryption, migrate all required ElastiCache Redis cluster data from the unencrypted cluster to the new cluster, and then delete the old cluster. To create new ElastiCache Redis cluster with at-rest encryption set, perform the following:

1. Sign into the AWS console
2. In the console, select the specific region
3. Navigate to ElastiCache Dashboard
4. Click Redis
5. Click ‘ Create ‘ button

On the ‘ Create your Amazon ElastiCache cluster ‘ page:

• a. Select ‘ Redis ‘ cache engine type.
• b. Enter a name for the new cache cluster
• c. Select Redis engine version from ‘ Engine version compatibility ‘ dropdown list.
• Note: As of July 2018, In-transit encryption can be enabled only for AWS ElastiCache clusters with Redis engine version 3.2.6 and 4.0.10.
• Click ‘ Advanced Redis settings ‘ to expand the cluster advanced settings panel e. Select ‘ Encryption at – rest ‘ checkbox to enable encryption along with other necessary parameters

1. Click ‘ Create ‘ button to launch your new ElastiCache Redis cluster To delete reported ElastiCache Redis cluster, perform the following
2. Sign into the AWS console
3. In the console, select the specific region
4. Navigate to ElastiCache Dashboard
5. Click Redis
6. Select reported Redis cluste
7. Click ‘ Delete ‘ button
8. In the ‘ Delete Cluster ‘ dialog box, if you want a backup for your cluster select ‘ Yes ‘ from the ‘ Create final backup ‘ dropdown menu, provide a name for the cluster backup, then click ‘ Delete ‘.