aws_elasticache_clusters resource
Use the aws_elasticache_clusters InSpec audit resource to test the properties of all AWS ElastiCache clusters. To audit a single ElastiCache cluster, use aws_elasticache_cluster (singular).
Syntax
An aws_elasticache_clusters resource block collects a group of ElastiCache cluster descriptions and then tests that group.
describe aws_elasticache_clusters
it { should exist }
end
Parameters
This resource does not expect any parameters.
Properties
| Property | Description |
|---|---|
| ids | The user-supplied identifier of the cluster. This identifier is a unique key that identifies a cluster. |
| node_types | The name of the compute and memory capacity node type for the cluster, e.g. cache.m5.large. |
| engines | The name of the cache engine, e.g. redis. |
| status | The current state of the cluster, e.g. creating, available. |
| zones | The name of the availability zone in which the cluster is located or “Multiple” if the cache nodes are located in different availability zones. |
| subnet_group_names | The name of the cache subnet group. |
| encrypted_at_rest | Indicates whether the content is encrypted at rest or not. |
| encrypted_at_transit | Indicates whether the content is encrypted at transit or not. |
Examples
Ensure that exactly 3 ElastiCache clusters exist
describe aws_elasticache_clusters do
its("entries.count") { should cmp 3 }
end
Use this InSpec resource to request the IDs of all ElastiCache clusters, then test in-depth using aws_elasticache_cluster and aws_elasticache_cluster_node.
aws_elasticache_clusters.ids.each do |id|
aws_elasticache_cluster(id).node_ids.each do |node_id|
describe aws_elasticache_cluster_node(cache_cluster_id: id, node_id: node_id) do
it { should exist }
end
end
end
Matchers
For a full list of available matchers, please visit our Universal Matchers page.
exist
The control will pass if the describe returns at least one result.
Use should_not to test the entity should not exist.
describe aws_elasticache_clusters.where( <property>: <value>) do
it { should exist }
end
describe aws_elasticache_clusters.where( <property>: <value>) do
it { should_not exist }
end
AWS Permissions
Your Principal will need the elasticache:DescribeCacheClusters action set to allow.
You can find detailed documentation at Actions, Resources, and Condition Keys for Amazon ElastiCache, and Actions, Resources, and Condition Keys for Identity And Access Management.
© Chef Software, Inc.
Licensed under the Creative Commons Attribution 3.0 Unported License.
The Chef™ Mark and Chef Logo are either registered trademarks/service marks or trademarks/servicemarks of Chef, in the United States and other countries and are used with Chef Inc's permission.
We are not affiliated with, endorsed or sponsored by Chef Inc.
https://docs.chef.io/inspec/resources/aws_elasticache_clusters/