feat(elasticache): Ensure Redis replication groups have automatic failover enabled

[HugoPBrito]

Context

A check was done to ensure ElastiCache (Redis OSS) replication groups have automatic failover enabled for high availability.

Description

I added a new check elasticache_redis_cluster_automatic_failover_enabled that ensures Elasticache Redis OSS cache clusters use automatic failover to maximize high availability and minimize downtime during failures.

Checklist

• Are there new checks included in this PR? Yes / No
  • If so, do we need to update permissions for the provider? Please review this carefully.
• Review if the code is being covered by tests.
• Review if code is being documented following this specification https://github.com/google/styleguide/blob/gh-pages/pyguide.md#38-comments-and-docstrings

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 88.93%. Comparing base (b7e2034) to head (7b62c9c).
Report is 1293 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #4853      +/-   ##
==========================================
- Coverage   89.20%   88.93%   -0.28%     
==========================================
  Files         933      954      +21     
  Lines       28567    29256     +689     
==========================================
+ Hits        25483    26018     +535     
- Misses       3084     3238     +154     

Components	Coverage Δ
prowler	88.93% <100.00%> (-0.28%)	⬇️
api	∅ <ø> (∅)

[MrCloudSec]

You are already setting a default value when creating the model inside the function.

Suggested change

	auto_minor_version_upgrade: bool = False
	automatic_failover: Optional[str] = None
	auto_minor_version_upgrade: bool
	automatic_failover: str

[HugoPBrito]

If I don't set the default value here, several tests for this and other checks will fail as a result. This occurs because when we mock them, the value is never assigned.

Should I leave it as it was, or should I update every mock instance across all checks?

[MrCloudSec]

We always set the non-compliant value as the default.

Suggested change

	"AutomaticFailover", None
	"AutomaticFailover", "disabled"

[MrCloudSec]

Suggested change

	automatic_failover=None,
	automatic_failover="disabled",

[puchy22]

I think we should now something more like: elasticache_replication_group_redis_has_automatic_failover

[puchy22]

I think this ResourceType is not supported by AWS, please refer to the docs

[puchy22]

Suggested change

	report.status_extended = f"Elasticache Redis cache cluster {repl_group.id} does not have automatic failover enabled."
	report.status_extended = f"ElastiCache Redis replication group {repl_group.id} does not have automatic failover enabled."

[puchy22]

Change this according to new changes in the checks

[puchy22]

I think this link is not working as expected, the tags at the end are not doing anything. And I cannot see the Automatic Failover recommendation. Please, review it.

[puchy22]

LGTM!