aws_elasticache_clusters resource
Use the aws_elasticache_clusters InSpec audit resource to test the properties of all AWS ElastiCache clusters. To audit a single ElastiCache cluster, use aws_elasticache_cluster (singular).
Syntax
An aws_elasticache_clusters resource block collects a group of ElastiCache cluster descriptions and then tests that group.
describe aws_elasticache_clusters do
  it { should exist }
end
Parameters
This resource does not require any parameters.
Properties
ids
- The user-supplied identifier of the cluster. This identifier is a unique key that identifies a cluster.
node_types
- The name of the compute and memory capacity node type for the cluster, e.g. cache.m5.large.
engines
- The name of the cache engine, e.g. redis.
status
- The current state of the cluster, e.g. creating, available.
zones
- The name of the availability zone in which the cluster is located or “Multiple” if the cache nodes are located in different availability zones.
subnet_group_names
- The name of the cache subnet group.
encrypted_at_rest
- Indicates whether the content is encrypted at rest or not.
encrypted_at_transit
- Indicates whether the content is encrypted in transit or not.
Examples
Ensure that exactly 3 ElastiCache clusters exist:
describe aws_elasticache_clusters do
  its("entries.count") { should cmp 3 }
end
Use this InSpec resource to request the IDs of all ElastiCache clusters, then test in-depth using aws_elasticache_cluster and aws_elasticache_cluster_node:
aws_elasticache_clusters.ids.each do |id|
  aws_elasticache_cluster(id).node_ids.each do |node_id|
    describe aws_elasticache_cluster_node(cache_cluster_id: id, node_id: node_id) do
      it { should exist }
    end
  end
end
Matchers
For a full list of available matchers, see our Universal Matchers page.
exist
The control will pass if the describe returns at least one result.
Use should_not to test that the entity does not exist.
describe aws_elasticache_clusters.where(<property>: <value>) do
  it { should exist }
end

describe aws_elasticache_clusters.where(<property>: <value>) do
  it { should_not exist }
end
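The where/should_not exist pattern above, applied to the two encryption properties. This is an added example, not code from the InSpec project: ClusterTable is a hypothetical equality-only stand-in for the resource's filter, and the cluster rows are constructed sample data, so the logic runs offline in plain Ruby.

```ruby
# Added example: offline stand-in for the plural resource's where/exist
# behaviour. Inside a real InSpec profile the two checks are written as:
#
#   describe aws_elasticache_clusters.where(encrypted_at_rest: false) do
#     it { should_not exist }
#   end
#   describe aws_elasticache_clusters.where(encrypted_at_transit: false) do
#     it { should_not exist }
#   end

# Constructed sample rows, keyed by the property names documented above.
SAMPLE_CLUSTERS = [
  { ids: "orders-cache",  engines: "redis",     status: "available",
    encrypted_at_rest: true,  encrypted_at_transit: true },
  { ids: "session-cache", engines: "redis",     status: "available",
    encrypted_at_rest: true,  encrypted_at_transit: false },
  { ids: "legacy-cache",  engines: "memcached", status: "available",
    encrypted_at_rest: false, encrypted_at_transit: false },
].freeze

# Hypothetical stand-in (not InSpec's FilterTable): equality-only where().
class ClusterTable
  attr_reader :entries

  def initialize(rows)
    @entries = rows
  end

  # Keep only rows whose fields equal every value in the criteria hash.
  def where(criteria)
    ClusterTable.new(@entries.select { |row| criteria.all? { |k, v| row[k] == v } })
  end

  def exist?
    !@entries.empty?
  end

  def ids
    @entries.map { |row| row[:ids] }
  end
end

# One finding per encryption property, listing the offending cluster ids.
def encryption_findings(rows)
  table = ClusterTable.new(rows)
  %i[encrypted_at_rest encrypted_at_transit].each_with_object({}) do |prop, out|
    offenders = table.where(prop => false)
    out[prop] = offenders.ids if offenders.exist?
  end
end
```

An empty cluster list produces no findings, which is also how should_not exist behaves on a filter with no rows, so pair these checks with a count or exist check when an account is expected to contain clusters.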
AWS Permissions
Your AWS principal will need the ElastiCache:Client:CacheClusterMessage action with Effect set to Allow.
You can find detailed documentation at Actions, Resources, and Condition Keys for Amazon ElastiCache, and Actions, Resources, and Condition Keys for Identity And Access Management.