Table: aws_elasticache_replication_group - Query AWS ElastiCache Replication Groups using SQL
The AWS ElastiCache Replication Group is a feature of AWS ElastiCache that allows you to create a group of one or more cache clusters that are managed as a single entity. This enables the automatic partitioning of your data across multiple shards, providing enhanced performance, reliability, and scalability. Replication groups also support automatic failover, providing a high level of data availability.
Table Usage Guide
The aws_elasticache_replication_group table in Steampipe provides you with information about replication groups within AWS ElastiCache. This table allows you, as a DevOps engineer, to query group-specific details, including configuration, status, and associated resources. You can utilize this table to gather insights on replication groups, such as their current status, associated cache clusters, node types, and more. The schema outlines the various attributes of the replication group for you, including the replication group ID, status, description, and associated tags.
Examples
Basic info
Show which replication groups have automatic failover enabled and whether authentication tokens are in use, to enhance security and ensure data redundancy. This query helps in identifying potential vulnerabilities and improving disaster recovery strategies.
select replication_group_id, description, cache_node_type, cluster_enabled, auth_token_enabled, automatic_failover from aws_elasticache_replication_group;
List replication groups that are not encrypted at rest
Identify instances where replication groups in AWS ElastiCache are not encrypted at rest. This is useful to ensure data security by pinpointing potential vulnerabilities.
PostgreSQL:
select replication_group_id, cache_node_type, at_rest_encryption_enabled from aws_elasticache_replication_group where not at_rest_encryption_enabled;
SQLite:
select replication_group_id, cache_node_type, at_rest_encryption_enabled from aws_elasticache_replication_group where at_rest_encryption_enabled = 0;
List replication groups with multi-AZ disabled
Identify replication groups that have Multi-AZ disabled to assess potential vulnerabilities in your AWS ElastiCache setup.
select replication_group_id, cache_node_type, multi_az from aws_elasticache_replication_group where multi_az = 'disabled';
List replication groups whose backup retention period is less than 30 days
Identify replication groups whose backup retention period falls short of a 30-day standard, allowing for timely adjustments to ensure data safety.
select replication_group_id, snapshot_retention_limit, snapshot_window, snapshotting_cluster_id from aws_elasticache_replication_group where snapshot_retention_limit < 30;
List replication groups by node type
Explore which node types are used in your replication groups and determine their frequency. This can help optimize resource allocation and improve system performance.
select cache_node_type, count(*) from aws_elasticache_replication_group group by cache_node_type;
List member clusters for each replication group
Explore the relationships within your replication groups by identifying which member clusters belong to each group. This helps in understanding the distribution and organization of your data across different clusters.
PostgreSQL:
select replication_group_id, jsonb_array_elements_text(member_clusters) as member_clusters from aws_elasticache_replication_group;
SQLite:
select replication_group_id, json_each.value as member_clusters from aws_elasticache_replication_group, json_each(aws_elasticache_replication_group.member_clusters);
Query examples
- elasticache_cluster_auth_token
- elasticache_cluster_automatic_backup
- elasticache_cluster_cache_node_count
- elasticache_cluster_encryption_rest
- elasticache_cluster_encryption_transit
- elasticache_cluster_input
- elasticache_cluster_nodes_for_elasticache_cluster
- elasticache_cluster_overview
- elasticache_clusters_for_elasticache_cluster_node
- elasticache_node_groups_for_elasticache_cluster
- elasticache_node_groups_for_elasticache_cluster_node
- elasticache_shard_details
- kms_keys_for_elasticache_cluster_node
Control examples
- All Controls > ElastiCache > ElastiCache for Redis replication groups before version 6.0 should use Redis Auth
- All Controls > ElastiCache > ElastiCache for Redis replication groups should be encrypted at rest
- All Controls > ElastiCache > ElastiCache for Redis replication groups should be encrypted in transit
- All Controls > ElastiCache > ElastiCache for Redis replication groups should be encrypted with CMK
- All Controls > ElastiCache > ElastiCache for Redis replication groups should have automatic failover enabled
- AWS Foundational Security Best Practices > ElastiCache > 1 ElastiCache for Redis clusters should have automatic backups scheduled
- AWS Foundational Security Best Practices > ElastiCache > 3 ElastiCache for Redis replication groups should have automatic failover enabled
- AWS Foundational Security Best Practices > ElastiCache > 4 ElastiCache for Redis replication groups should be encrypted at rest
- AWS Foundational Security Best Practices > ElastiCache > 5 ElastiCache for Redis replication groups should be encrypted in transit
- AWS Foundational Security Best Practices > ElastiCache > 6 ElastiCache for Redis replication groups before version 6.0 should use Redis AUTH
- ElastiCache Redis cluster automatic backup should be enabled with retention period of 15 days or greater
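The controls listed above map onto columns of this table, so they can be evaluated together in one pass. The following query is an added example, not part of the Steampipe documentation or its compliance mods; the check names, the 15-day threshold taken from the last control, and the treatment of a null kms_key_id are assumptions.

```sql
-- Added example (PostgreSQL dialect): one row per replication group that
-- fails at least one check, with the list of failed checks.
-- Check names are hypothetical labels chosen for this example.
with checks as (
  select
    account_id,
    region,
    replication_group_id,
    user_group_ids,
    array_remove(array[
      -- "is not true" also flags rows where the flag is null
      case when at_rest_encryption_enabled is not true
           then 'at_rest_encryption_off' end,
      case when transit_encryption_enabled is not true
           then 'transit_encryption_off' end,
      -- Assumption: a null kms_key_id means no customer-managed key was
      -- specified; proving a key is customer-managed needs KMS key metadata.
      case when at_rest_encryption_enabled and kms_key_id is null
           then 'no_kms_key_specified' end,
      -- The table has no engine version column, so this flags every group
      -- without an auth token; review user_group_ids for groups using RBAC.
      case when auth_token_enabled is not true
           then 'auth_token_off' end,
      case when automatic_failover is distinct from 'enabled'
           then 'automatic_failover_off' end,
      case when multi_az is distinct from 'enabled'
           then 'multi_az_off' end,
      -- Assumption: 15 days, matching the retention control named above
      case when coalesce(snapshot_retention_limit, 0) < 15
           then 'snapshot_retention_below_15_days' end
    ], null) as failed_checks
  from
    aws_elasticache_replication_group
)
select
  account_id,
  region,
  replication_group_id,
  failed_checks,
  user_group_ids
from
  checks
where
  cardinality(failed_checks) > 0
order by
  cardinality(failed_checks) desc,
  replication_group_id;
```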
Schema for aws_elasticache_replication_group
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | | Steampipe context in JSON form. |
account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The AWS Account ID in which the resource is located. |
akas | jsonb | | Array of globally unique identifier strings (also known as) for the resource. |
arn | text | | The ARN (Amazon Resource Name) of the replication group. |
at_rest_encryption_enabled | boolean | | A flag that enables encryption at-rest when set to true. |
auth_token_enabled | boolean | | A flag that enables using an AuthToken (password) when issuing Redis commands. |
auth_token_last_modified_date | timestamp with time zone | | The date when the auth token was last modified. |
auto_minor_version_upgrade | boolean | | If you are running Redis engine version 6.0 or later, set this parameter to yes if you want to opt-in to the next auto minor version upgrade campaign. |
automatic_failover | text | | Indicates the status of automatic failover for this Redis replication group. |
cache_node_type | text | | The name of the compute and memory capacity node type for each node in the replication group. |
cluster_enabled | boolean | | A flag indicating whether or not this replication group is cluster enabled. |
cluster_mode | text | | Enabled or Disabled. To modify cluster mode from Disabled to Enabled, you must first set the cluster mode to Compatible. |
configuration_endpoint | jsonb | | The configuration endpoint for this replication group. |
data_tiering | text | | Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. |
description | text | | The user supplied description of the replication group. |
global_replication_group_info | jsonb | | The name of the Global Datastore and role of this replication group in the Global Datastore. |
ip_discovery | text | | The network type associated with the cluster, either ipv4 or ipv6. |
kms_key_id | text | | The ID of the KMS key used to encrypt the disk in the cluster. |
log_delivery_configurations | jsonb | | Returns the destination, format and type of the logs. |
member_clusters | jsonb | | The names of all the cache clusters that are part of this replication group. |
member_clusters_outpost_arns | jsonb | | The outpost ARNs of the replication group's member clusters. |
multi_az | text | | A flag indicating if you have Multi-AZ enabled to enhance fault tolerance. |
network_type | text | | Must be either ipv4, ipv6, or dual_stack. |
node_groups | jsonb | | A list of node groups in this replication group. |
partition | text | | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). |
pending_modified_values | jsonb | | A group of settings to be applied to the replication group, either immediately or during the next maintenance window. |
region | text | | The AWS Region in which the resource is located. |
replication_group_create_time | timestamp with time zone | | The date and time when the cluster was created. |
replication_group_id | text | = | The identifier for the replication group. |
snapshot_retention_limit | bigint | | The number of days for which ElastiCache retains automatic cluster snapshots before deleting them. |
snapshot_window | text | | The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard). |
snapshotting_cluster_id | text | | The cluster ID that is used as the daily snapshot source for the replication group. |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | | Steampipe context in JSON form. |
status | text | | The current state of this replication group - creating, available, modifying, deleting, create-failed, snapshotting. |
title | text | | Title of the resource. |
transit_encryption_enabled | boolean | | A flag that enables in-transit encryption when set to true. |
transit_encryption_mode | text | | A setting that allows you to migrate your clients to use in-transit encryption, with no downtime. |
user_group_ids | jsonb | | The list of user group IDs that have access to the replication group. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws
You can pass the configuration to the command with the --config argument:
steampipe_export_aws --config '<your_config>' aws_elasticache_replication_group