steampipe plugin install aws

Table: aws_elasticache_replication_group - Query AWS ElastiCache Replication Groups using SQL

The AWS ElastiCache Replication Group is a feature of AWS ElastiCache that allows you to create a group of one or more cache clusters that are managed as a single entity. This enables the automatic partitioning of your data across multiple shards, providing enhanced performance, reliability, and scalability. Replication groups also support automatic failover, providing a high level of data availability.

Table Usage Guide

The aws_elasticache_replication_group table in Steampipe provides you with information about replication groups within AWS ElastiCache. This table allows you, as a DevOps engineer, to query group-specific details, including configuration, status, and associated resources. You can utilize this table to gather insights on replication groups, such as their current status, associated cache clusters, node types, and more. The schema outlines the various attributes of the replication group for you, including the replication group ID, status, description, and associated tags.

Examples

Basic info

Determine the areas in which automatic failover is enabled in AWS ElastiCache, as well as whether authentication tokens are being used, to enhance security and ensure data redundancy. This query helps in identifying potential vulnerabilities and improving disaster recovery strategies.

select
replication_group_id,
description,
cache_node_type,
cluster_enabled,
auth_token_enabled,
automatic_failover
from
aws_elasticache_replication_group;
select
replication_group_id,
description,
cache_node_type,
cluster_enabled,
auth_token_enabled,
automatic_failover
from
aws_elasticache_replication_group;

List replication groups that are not encrypted at rest

Identify instances where replication groups in AWS ElastiCache are not encrypted at rest. This is useful to ensure data security by pinpointing potential vulnerabilities.

select
replication_group_id,
cache_node_type,
at_rest_encryption_enabled
from
aws_elasticache_replication_group
where
not at_rest_encryption_enabled;
select
replication_group_id,
cache_node_type,
at_rest_encryption_enabled
from
aws_elasticache_replication_group
where
at_rest_encryption_enabled = 0;

List replication groups with multi-AZ disabled

Determine the areas in which replication groups have multi-AZ disabled to assess potential vulnerabilities in your AWS ElastiCache setup.

select
replication_group_id,
cache_node_type,
multi_az
from
aws_elasticache_replication_group
where
multi_az = 'disabled';
select
replication_group_id,
cache_node_type,
multi_az
from
aws_elasticache_replication_group
where
multi_az = 'disabled';

List replication groups whose backup retention period is less than 30 days

Determine the areas in which backup retention periods for replication groups fall short of a 30-day standard, allowing for timely adjustments to ensure data safety.

select
replication_group_id,
snapshot_retention_limit,
snapshot_window,
snapshotting_cluster_id
from
aws_elasticache_replication_group
where
snapshot_retention_limit < 30;
select
replication_group_id,
snapshot_retention_limit,
snapshot_window,
snapshotting_cluster_id
from
aws_elasticache_replication_group
where
snapshot_retention_limit < 30;

List replication groups by node type

Explore which node types are used in your replication groups and determine their frequency. This can help optimize resource allocation and improve system performance.

select
cache_node_type,
count (*)
from
aws_elasticache_replication_group
group by
cache_node_type;
select
cache_node_type,
count (*)
from
aws_elasticache_replication_group
group by
cache_node_type;

List member clusters for each replication group

Explore the relationships within your replication groups by identifying which member clusters belong to each group. This helps in understanding the distribution and organization of your data across different clusters.

select
replication_group_id,
jsonb_array_elements_text(member_clusters) as member_clusters
from
aws_elasticache_replication_group;
select
replication_group_id,
json_each.value as member_clusters
from
aws_elasticache_replication_group,
json_each(
aws_elasticache_replication_group.member_clusters
);

Schema for aws_elasticache_replication_group

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
account_idtextThe AWS Account ID in which the resource is located.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
arntextThe ARN (Amazon Resource Name) of the replication group.
at_rest_encryption_enabledbooleanA flag that enables encryption at-rest when set to true.
auth_token_enabledbooleanA flag that enables using an AuthToken (password) when issuing Redis commands.
auth_token_last_modified_datetimestamp with time zoneThe date when the auth token was last modified.
automatic_failovertextIndicates the status of automatic failover for this Redis replication group.
cache_node_typetextThe name of the compute and memory capacity node type for each node in the replication group.
cluster_enabledbooleanA flag indicating whether or not this replication group is cluster enabled.
configuration_endpointjsonbThe configuration endpoint for this replication group.
descriptiontextThe user supplied description of the replication group.
global_replication_group_infojsonbThe name of the Global Datastore and role of this replication group in the Global Datastore.
kms_key_idtextThe ID of the KMS key used to encrypt the disk in the cluster.
member_clustersjsonbThe names of all the cache clusters that are part of this replication group.
member_clusters_outpost_arnsjsonbThe outpost ARNs of the replication group's member clusters.
multi_aztextA flag indicating if you have Multi-AZ enabled to enhance fault tolerance.
node_groupsjsonbA list of node groups in this replication group.
partitiontextThe AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
pending_modified_valuesjsonbA group of settings to be applied to the replication group, either immediately or during the next maintenance window.
regiontextThe AWS Region in which the resource is located.
replication_group_idtext=The identifier for the replication group.
snapshot_retention_limitbigintThe number of days for which ElastiCache retains automatic cluster snapshots before deleting them.
snapshot_windowtextThe daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).
snapshotting_cluster_idtextThe cluster ID that is used as the daily snapshot source for the replication group.
statustextThe current state of this replication group - creating, available, modifying, deleting, create-failed, snapshotting.
titletextTitle of the resource.
transit_encryption_enabledbooleanA flag that enables in-transit encryption when set to true.
user_group_idsjsonbThe list of user group IDs that have access to the replication group.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_elasticache_replication_group