Describe the bug
The rule looks for encryption to be enabled on all resources of type aws_elasticache_replication_group. However, setting transit_encryption_enabled on a aws_elasticache_replication_group with the global_replication_group_id results in an error: "global_replication_group_id": conflicts with transit_encryption_enabled. The rule should only look for the property on aws_elasticache_replication_group instances with global_replication_group_id unset (primary)