# ElastiCache examples using AWS CLI with Bash script
The following code examples show you how to perform actions and implement common scenarios by using the AWS Command Line Interface with Bash script with ElastiCache.
*Scenarios* are code examples that show you how to accomplish specific tasks by calling multiple functions within a service or combined with other AWS services.
Each example includes a link to the complete source code, where you can find instructions on how to set up and run the code in context.
**Topics**
+ [Scenarios](#scenarios)
## Scenarios
### Getting started with Amazon ElastiCache
The following code example shows how to:
+ Set up security group for ElastiCache access
+ Create a Valkey serverless cache
+ Clean up resources
**AWS CLI with Bash script**
There's more on GitHub. Find the complete example and learn how to set up and run in the [Sample developer tutorials](https://github.com/aws-samples/sample-developer-tutorials/tree/main/tuts/065-amazon-elasticache-gs) repository.
```
#!/bin/bash
# Amazon ElastiCache Getting Started Script
# This script creates a Valkey serverless cache, configures security groups,
# and demonstrates how to connect to and use the cache.
# Set up logging
LOG_FILE="elasticache_tutorial_$(date +%Y%m%d_%H%M%S).log"
exec > >(tee -a "$LOG_FILE") 2>&1
echo "Starting ElastiCache tutorial script. Logging to $LOG_FILE"
echo "============================================================"
# Function to handle errors
handle_error() {
echo "ERROR: $1"
echo "Resources created:"
if [ -n "$CACHE_NAME" ]; then
echo "- ElastiCache serverless cache: $CACHE_NAME"
fi
if [ -n "$SG_RULE_6379" ] || [ -n "$SG_RULE_6380" ]; then
echo "- Security group rules for ports 6379 and 6380"
fi
echo "Please clean up these resources manually."
exit 1
}
# Generate a random identifier for resource names
RANDOM_ID=$(LC_ALL=C tr -dc 'a-z0-9' < /dev/urandom | fold -w 8 | head -n 1)
CACHE_NAME="valkey-cache-${RANDOM_ID}"
echo "Using cache name: $CACHE_NAME"
# Step 1: Set up security group for ElastiCache access
echo "Step 1: Setting up security group for ElastiCache access..."
# Get default security group ID
echo "Getting default security group ID..."
SG_ID=$(aws ec2 describe-security-groups \
--filters Name=group-name,Values=default \
--query "SecurityGroups[0].GroupId" \
--output text)
if [[ -z "$SG_ID" || "$SG_ID" == "None" ]]; then
handle_error "Failed to get default security group ID"
fi
echo "Default security group ID: $SG_ID"
# Add inbound rule for port 6379
echo "Adding inbound rule for port 6379..."
SG_RULE_6379=$(aws ec2 authorize-security-group-ingress \
--group-id "$SG_ID" \
--protocol tcp \
--port 6379 \
--cidr 0.0.0.0/0 \
--query "SecurityGroupRules[0].SecurityGroupRuleId" \
--output text 2>&1)
# Check for errors in the output
if echo "$SG_RULE_6379" | grep -i "error" > /dev/null; then
# If the rule already exists, this is not a fatal error
if echo "$SG_RULE_6379" | grep -i "already exists" > /dev/null; then
echo "Rule for port 6379 already exists, continuing..."
SG_RULE_6379="existing"
else
handle_error "Failed to add security group rule for port 6379: $SG_RULE_6379"
fi
fi
# Add inbound rule for port 6380
echo "Adding inbound rule for port 6380..."
SG_RULE_6380=$(aws ec2 authorize-security-group-ingress \
--group-id "$SG_ID" \
--protocol tcp \
--port 6380 \
--cidr 0.0.0.0/0 \
--query "SecurityGroupRules[0].SecurityGroupRuleId" \
--output text 2>&1)
# Check for errors in the output
if echo "$SG_RULE_6380" | grep -i "error" > /dev/null; then
# If the rule already exists, this is not a fatal error
if echo "$SG_RULE_6380" | grep -i "already exists" > /dev/null; then
echo "Rule for port 6380 already exists, continuing..."
SG_RULE_6380="existing"
else
handle_error "Failed to add security group rule for port 6380: $SG_RULE_6380"
fi
fi
echo "Security group rules added successfully."
echo ""
echo "SECURITY NOTE: The security group rules created allow access from any IP address (0.0.0.0/0)."
echo "This is not recommended for production environments. For production,"
echo "you should restrict access to specific IP ranges or security groups."
echo ""
# Step 2: Create a Valkey serverless cache
echo "Step 2: Creating Valkey serverless cache..."
CREATE_RESULT=$(aws elasticache create-serverless-cache \
--serverless-cache-name "$CACHE_NAME" \
--engine valkey 2>&1)
# Check for errors in the output
if echo "$CREATE_RESULT" | grep -i "error" > /dev/null; then
handle_error "Failed to create serverless cache: $CREATE_RESULT"
fi
echo "Cache creation initiated. Waiting for cache to become available..."
# Step 3: Check the status of the cache creation
echo "Step 3: Checking cache status..."
# Wait for the cache to become active
MAX_ATTEMPTS=30
ATTEMPT=1
CACHE_STATUS=""
while [[ $ATTEMPT -le $MAX_ATTEMPTS ]]; do
echo "Checking cache status (attempt $ATTEMPT of $MAX_ATTEMPTS)..."
DESCRIBE_RESULT=$(aws elasticache describe-serverless-caches \
--serverless-cache-name "$CACHE_NAME" 2>&1)
# Check for errors in the output
if echo "$DESCRIBE_RESULT" | grep -i "error" > /dev/null; then
handle_error "Failed to describe serverless cache: $DESCRIBE_RESULT"
fi
# Extract status using grep and awk for more reliable parsing
CACHE_STATUS=$(echo "$DESCRIBE_RESULT" | grep -o '"Status": "[^"]*"' | awk -F'"' '{print $4}')
echo "Current status: $CACHE_STATUS"
if [[ "${CACHE_STATUS,,}" == "available" ]]; then
echo "Cache is now available!"
break
elif [[ "${CACHE_STATUS,,}" == "create-failed" ]]; then
handle_error "Cache creation failed. Please check the AWS console for details."
fi
if [[ $ATTEMPT -lt $MAX_ATTEMPTS ]]; then
echo "Waiting 30 seconds..."
sleep 30
fi
((ATTEMPT++))
done
if [[ "${CACHE_STATUS,,}" != "available" ]]; then
handle_error "Cache did not become available within the expected time. Last status: $CACHE_STATUS"
fi
# Step 4: Find your cache endpoint
echo "Step 4: Getting cache endpoint..."
ENDPOINT=$(aws elasticache describe-serverless-caches \
--serverless-cache-name "$CACHE_NAME" \
--query "ServerlessCaches[0].Endpoint.Address" \
--output text)
if [[ -z "$ENDPOINT" || "$ENDPOINT" == "None" ]]; then
handle_error "Failed to get cache endpoint"
fi
echo "Cache endpoint: $ENDPOINT"
# Step 5: Instructions for connecting to the cache
echo ""
echo "============================================================"
echo "Your Valkey serverless cache has been successfully created!"
echo "Cache Name: $CACHE_NAME"
echo "Endpoint: $ENDPOINT"
echo "============================================================"
echo ""
echo "To connect to your cache from an EC2 instance, follow these steps:"
echo ""
echo "1. Install valkey-cli on your EC2 instance:"
echo " sudo amazon-linux-extras install epel -y"
echo " sudo yum install gcc jemalloc-devel openssl-devel tcl tcl-devel -y"
echo " wget https://github.com/valkey-io/valkey/archive/refs/tags/8.0.0.tar.gz"
echo " tar xvzf 8.0.0.tar.gz"
echo " cd valkey-8.0.0"
echo " make BUILD_TLS=yes"
echo ""
echo "2. Connect to your cache using valkey-cli:"
echo " src/valkey-cli -h $ENDPOINT --tls -p 6379"
echo ""
echo "3. Once connected, you can run commands like:"
echo " set mykey \"Hello ElastiCache\""
echo " get mykey"
echo ""
# Prompt for cleanup
echo ""
echo "==========================================="
echo "CLEANUP CONFIRMATION"
echo "==========================================="
echo "Resources created:"
echo "- ElastiCache serverless cache: $CACHE_NAME"
if [ "$SG_RULE_6379" != "existing" ] || [ "$SG_RULE_6380" != "existing" ]; then
echo "- Security group rules for ports 6379 and 6380"
fi
echo ""
echo "Do you want to clean up all created resources? (y/n): "
read -r CLEANUP_CHOICE
if [[ "${CLEANUP_CHOICE,,}" == "y" ]]; then
echo "Starting cleanup process..."
# Step 7: Delete the cache
echo "Deleting serverless cache $CACHE_NAME..."
DELETE_RESULT=$(aws elasticache delete-serverless-cache \
--serverless-cache-name "$CACHE_NAME" 2>&1)
# Check for errors in the output
if echo "$DELETE_RESULT" | grep -i "error" > /dev/null; then
echo "WARNING: Failed to delete serverless cache: $DELETE_RESULT"
echo "Please delete the cache manually from the AWS console."
else
echo "Cache deletion initiated. This may take several minutes to complete."
fi
# Only attempt to remove security group rules if we created them
if [ "$SG_RULE_6379" != "existing" ]; then
echo "Removing security group rule for port 6379..."
aws ec2 revoke-security-group-ingress \
--group-id "$SG_ID" \
--protocol tcp \
--port 6379 \
--cidr 0.0.0.0/0
fi
if [ "$SG_RULE_6380" != "existing" ]; then
echo "Removing security group rule for port 6380..."
aws ec2 revoke-security-group-ingress \
--group-id "$SG_ID" \
--protocol tcp \
--port 6380 \
--cidr 0.0.0.0/0
fi
echo "Cleanup completed."
else
echo "Cleanup skipped. Resources will remain in your AWS account."
echo "To clean up later, run:"
echo "aws elasticache delete-serverless-cache --serverless-cache-name $CACHE_NAME"
if [ "$SG_RULE_6379" != "existing" ] || [ "$SG_RULE_6380" != "existing" ]; then
echo "And remove the security group rules for ports 6379 and 6380 from security group $SG_ID"
fi
fi
echo ""
echo "Script completed. See $LOG_FILE for the full log."
echo "============================================================"
```
+ For API details, see the following topics in *AWS CLI Command Reference*.
+ [AuthorizeSecurityGroupIngress](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/AuthorizeSecurityGroupIngress)
+ [CreateServerlessCache](https://docs.aws.amazon.com/goto/aws-cli/elasticache-2015-02-02/CreateServerlessCache)
+ [DeleteServerlessCache](https://docs.aws.amazon.com/goto/aws-cli/elasticache-2015-02-02/DeleteServerlessCache)
+ [DescribeSecurityGroups](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/DescribeSecurityGroups)
+ [DescribeServerlessCaches](https://docs.aws.amazon.com/goto/aws-cli/elasticache-2015-02-02/DescribeServerlessCaches)
+ [RevokeSecurityGroupIngress](https://docs.aws.amazon.com/goto/aws-cli/ec2-2016-11-15/RevokeSecurityGroupIngress)