awselasticachecluster

Use the aws_elasticache_cluster InSpec audit resource to test the properties of a single AWS ElastiCache cluster.

Syntax

An aws_elasticache_cluster resource block declares the tests for a single AWS ElastiCache cluster by cache_cluster_id.

describe aws_elasticache_cluster(cache_cluster_id: 'my-cluster-123') do
  it { should exist }
end

The value of the cache_cluster_id can be provided as a string.

describe aws_elasticache_cluster('my-cluster-123') do
  its('engine') { should cmp 'redis' }
end

Parameters

The ElastiCache cluster ID must be provided.

cache_cluster_id (required)

The ID of the ElastiCache cluster: - contains between 1 and 50 alphanumeric characters or hyphens, - should start with a letter, - cannot end with a hyphen or contain two consecutive hyphens.

It can be passed either as a string or as a cache_cluster_id: 'value' key-value entry in a hash.

Properties

Property Description
cache_cluster_id The user-supplied identifier of the cluster. This identifier is a unique key that identifies a cluster.
engine The name of the cache engine, e.g. redis.
node_ids The id list of all cluster nodes.
ports A hash of the node ID and port number pairs.
status The current state of the cluster, e.g. creating, available.
encrypted_at_rest Indicates whether the content is encrypted at rest or not.
encrypted_at_transit Indicates whether the content is encrypted at transit or not.

There are also additional properties available. For a comprehensive list, see the API reference documentation.

Examples

Test that an ElastiCache cluster is available
describe aws_elasticache_cluster("my-cluster-123") do
    its("status") { should eq 'available' }
end
Test that an Elasticache cluster engine is listening on port 11211
describe aws_elasticache_cluster(cache_cluster_id: "my-cluster-123") do
    its("port") { should cmp 11211 }
end
Test that an Elasticache cluster’s engine version is 1.5.16
describe aws_elasticache_cluster(cache_cluster_id: "my-cluster-123") do
    its("engine_version") { should cmp 1.5.16 }
end

Matchers

This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our matchers page.

exist

describe aws_elasticache_cluster(cache_cluster_id: "my-cluster-123") do
    it { should exist }
end
beencryptedat_rest
describe aws_elasticache_cluster(cache_cluster_id: "my-cluster-123") do
    it { should be_encrypted_at_rest }
end

AWS Permissions

Your Principal will need the elasticache:DescribeCacheClusters action set to allow.

You can find detailed documentation at Actions, Resources, and Condition Keys for Amazon ElastiCache, and Actions, Resources, and Condition Keys for Identity And Access Management.