Support at-rest and in-transit encryption when creating ElastiCache clusters

[paulyhedral]

The API call to create an ElastiCache cache cluster does not support the options to enable at-rest or in-transit encryption.

ec = boto3.client('elasticache')
ec.create_cache_cluster(
    ...,
    AtRestEncryptionEnabled=True,
    ...)

results in the error:

botocore.exceptions.ParamValidationError: Parameter validation failed:
Unknown parameter in input: "AtRestEncryptionEnabled", must be one of: CacheClusterId, ReplicationGroupId, AZMode, PreferredAvailabilityZone, PreferredAvailabilityZones, NumCacheNodes, CacheNodeType, Engine, EngineVersion, CacheParameterGroupName, CacheSubnetGroupName, CacheSecurityGroupNames, SecurityGroupIds, Tags, SnapshotArns, SnapshotName, PreferredMaintenanceWindow, Port, NotificationTopicArn, AutoMinorVersionUpgrade, SnapshotRetentionLimit, SnapshotWindow, AuthToken

[JordonPhillips]

This is not available in the service api, so it is not something we can add in boto3. If this is something you want to see, I would recommend asking the service team via their forums or support.

[dc-currenxie]

Since this is coming when I google this... you've got to use Create Replication Group instead of create cluster: https://docs.aws.amazon.com/cli/latest/reference/elasticache/create-replication-group.html