Skip to main content

aws_elasticache_replication_group Resource

Use the aws_elasticache_replication_group InSpec audit resource to test the properties of a single Amazon ElastiCache replication group.

Install

This resource is available in the Chef InSpec AWS resource pack.

For information on configuring your AWS environment for Chef InSpec and creating an InSpec profile that uses the InSpec AWS resource pack, see the Chef InSpec documentation on the AWS cloud platform.

Syntax

An aws_elasticache_replication_group resource block declares the tests for a single Amazon ElastiCache replication group by replication_group_id.

describe aws_elasticache_replication_group(replication_group_id: 'my-replication-group-123') do
  it { should exist }
end

The value of the replication_group_id can be provided as a string.

describe aws_elasticache_replication_group('my-replication-group-123') do
  it { should exist }
end

Parameters

The ElastiCache replication group ID is required.

replication_group_id (required)

The ID of the ElastiCache replication group:

  • must contain between 1 and 50 alphanumeric characters or hyphens
  • should start with a letter
  • cannot end with a hyphen or contain two consecutive hyphens

It can be passed either as a string or as a replication_group_id: 'value' key-value entry in a hash.

Properties

replication_group_id
The user-supplied identifier of the replication group. This identifier is a unique key that identifies a replication group.
status
The current state of the replication group, e.g. creating, available.
encrypted_at_rest
Indicates whether the content is encrypted at rest or not.
encrypted_at_transit
Indicates whether the content is encrypted at transit or not.

There are also additional properties available. For a comprehensive list, see the API reference documentation.

Examples

Test that an ElastiCache replication group is available.

describe aws_elasticache_replication_group('my-replication-group-123') do
    its("status") { should eq 'available' }
end

Matchers

For a full list of available matchers, see our Universal Matchers page.

This resource has the following special matchers.

exist

describe aws_elasticache_replication_group('my-replication-group-123') do
    it { should exist }
end

be_encrypted_at_rest

describe aws_elasticache_replication_group('my-replication-group-123') do
    it { should be_encrypted_at_rest }
end

AWS Permissions

Your Principal will need the ElastiCache:Client:ReplicationGroupMessage action with Effect set to Allow.

You can find detailed documentation at Actions, Resources, and Condition Keys for Amazon ElastiCache, and Actions, Resources, and Condition Keys for Identity And Access Management.

Edit this page on GitHub

Thank you for your feedback!

×