AWS ElastiCache User

aws_elasticache_user (Terraform)

The User in ElastiCache can be configured in Terraform with the resource name aws_elasticache_user. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Parameters

The following arguments are required:

• access_string - (Required) Access permissions string used for this user. See Specifying Permissions Using an Access String for more details.
• engine - (Required) The current supported value is REDIS.
• user_id - (Required) The ID of the user.
• user_name - (Required) The username of the user.

The following arguments are optional:

• no_password_required - (Optional) Indicates a password is not required for this user.
• passwords - (Optional) Passwords used for this user. You can create up to two passwords for each user.
• tags - (Optional) A list of tags to be added to this resource. A tag is a key-value pair.

In addition to all arguments above, the following attributes are exported:

• arn - The ARN of the created ElastiCache User.

Explanation in Terraform Registry

Provides an ElastiCache user resource.

Note: All arguments including the username and passwords will be stored in the raw state as plain-text. Read more about sensitive data in state.

Tips: Best Practices for The Other AWS ElastiCache Resources

In addition to the aws_elasticache_cluster, AWS ElastiCache has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.

aws_elasticache_cluster

Ensure to enable backup retention of Elasitcache

It's better to take snapshots of Redis clusters to improve data availability.

aws_elasticache_replication_group

Ensure to enable in-transit encryption of ElastiCache

It's better to enable in-transit encryption of ElastiCahe. If the ElastiCache replication group uses unencrypted traffic, it is vulnerable to meet-in-the-middle (MITM) attacks.