In order to protect sensitive data, AWS ElastiCache Redis clusters should be encrypted rest. Encryption of data at rest prevents unauthorized access to your sensitive data stored on AWS ElastiCache Redis clusters and associated cache storage.
AWS ElastiCache Redis cluster at-rest encryption can be set only at the time of the creation of the cluster. To fix this issue, create a new cluster with at-rest encryption, migrate all required ElastiCache Redis cluster data from the unencrypted cluster to the new cluster, and then delete the old cluster. To create new ElastiCache Redis cluster with at-rest encryption set, perform the following:
On the ‘ Create your Amazon ElastiCache cluster ‘ page: