aws_elasticache_replication

Use the aws_elasticache_replication_group InSpec audit resource to test the properties of a single Amazon ElastiCache replication group.

Syntax

An aws_elasticache_replication_group resource block declares the tests for a single Amazon ElastiCache replication group by replication_group_id.

describe aws_elasticache_replication_group(replication_group_id: 'my-replication-group-123') do
  it { should exist }
end

The value of the replication_group_id can be provided as a string.

describe aws_elasticache_replication_group('my-replication-group-123') do
  it { should exist }
end

The ElastiCache replication group ID is required.

replication_group_id (required)

The ID of the ElastiCache replication group:

: It can be passed either as a string or as a replication_group_id: 'value' key-value entry in a hash.

replication_group_id: The user-supplied identifier of the replication group. This identifier is a unique key that identifies a replication group.
status: The current state of the replication group, e.g. creating, available.
encrypted_at_rest: Indicates whether the content is encrypted at rest or not.
encrypted_at_transit: Indicates whether the content is encrypted at transit or not.

There are also additional properties available. For a comprehensive list, see the API reference documentation.

Test that an ElastiCache replication group is available:

describe aws_elasticache_replication_group('my-replication-group-123') do
    its("status") { should eq 'available' }
end

For a full list of available matchers, see our Universal Matchers page.

This resource has the following special matchers.

describe aws_elasticache_replication_group('my-replication-group-123') do
    it { should exist }
end

describe aws_elasticache_replication_group('my-replication-group-123') do
    it { should be_encrypted_at_rest }
end

Your AWS principal will need the ElastiCache:Client:ReplicationGroupMessage action with Effect set to Allow.