Fetching contributors…
Cannot retrieve contributors at this time
79 lines (49 sloc) 2.98 KB



Occasionally we need to cache data, either for a limited amount of time, or for the duration of a user's session. We have to be mindful of browser-level caching (including scenarios after the user logs out)


On The Server

Our OpenShift cluster is peered with our "Data VPC", AKA "Virtual Private Cloud". We have Terraform playbooks that manage the use of Amazon Elasticache to create performant, in-memory distributed caching environments, using the Redis protocol.

In the Browser

The browser needs to know caching rules to apply, The Cache-Control header field is used to specify directives for caching mechanisms to be applied by the browser.



HTTP Request

If an incoming request contains a Cache-Control directive, parse and process accordingly.

HTTP Response

Ensure appropriate Cache-Control directives are set on outgoing responses that represent the data & user state.


on Logout / Terminate Session

response.set('Cache-Control', 'no-cache, max-age=0, must-revalidate, no-store')


If you need a new Elasticache instance, accessible to either sandbox or main clusters, submit a pull request to our Data VPC Terraform repositories, respectively:

To gain access to Amazon IAM, you can submit a pull request to the Data VPC IAM Terraform repository:

Best practices

  • Treat this like a cache, not a database. Assume all data is ephemeral and can be wiped at any moment.
  • Encrypt any sensitive data using AES-256
  • Set an expiry time to live (TTL), to ensure data is purged often