AWS ElastiCache User Group
This page shows how to write Terraform and CloudFormation for ElastiCache User Group and write them securely.
aws_elasticache_user_group (Terraform)
The User Group in ElastiCache can be configured in Terraform with the resource name aws_elasticache_user_group
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
The following arguments are required:
engine
- (Required) The current supported value isREDIS
.user_group_id
- (Required) The ID of the user group.
The following arguments are optional:
user_ids
- (Optional) The list of user IDs that belong to the user group.
In addition to all arguments above, the following attributes are exported:
id
- The user group identifier.
Explanation in Terraform Registry
Provides an ElastiCache user group resource.
Tips: Best Practices for The Other AWS ElastiCache Resources
In addition to the aws_elasticache_cluster, AWS ElastiCache has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.
aws_elasticache_cluster
Ensure to enable backup retention of Elasitcache
It's better to take snapshots of Redis clusters to improve data availability.
aws_elasticache_replication_group
Ensure to enable in-transit encryption of ElastiCache
It's better to enable in-transit encryption of ElastiCahe. If the ElastiCache replication group uses unencrypted traffic, it is vulnerable to meet-in-the-middle (MITM) attacks.
AWS::ElastiCache::UserGroup (CloudFormation)
The UserGroup in ElastiCache can be configured in CloudFormation with the resource name AWS::ElastiCache::UserGroup
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
-
UserGroupId
required - String -
Engine
required - String -
UserIds
optional - List
Explanation in CloudFormation Registry
For Redis engine version 6.
x onwards: Creates a Redis user group. For more information, see Using Role Based Access Control (RBAC)