github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/aws/resource_aws_redshift_cluster_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "log" 6 "math/rand" 7 "regexp" 8 "strings" 9 "testing" 10 "time" 11 12 "github.com/aws/aws-sdk-go/aws" 13 "github.com/aws/aws-sdk-go/aws/awserr" 14 "github.com/aws/aws-sdk-go/service/redshift" 15 "github.com/hashicorp/terraform/helper/acctest" 16 "github.com/hashicorp/terraform/helper/resource" 17 "github.com/hashicorp/terraform/terraform" 18 ) 19 20 func TestValidateRedshiftClusterDbName(t *testing.T) { 21 validNames := []string{ 22 "testdbname", 23 "test_dbname", 24 "testdbname123", 25 "testdbname$hashicorp", 26 "_dbname", 27 } 28 for _, v := range validNames { 29 _, errors := validateRedshiftClusterDbName(v, "name") 30 if len(errors) != 0 { 31 t.Fatalf("%q should be a valid Redshift DBName: %q", v, errors) 32 } 33 } 34 35 invalidNames := []string{ 36 "!", 37 "/", 38 " ", 39 ":", 40 ";", 41 "test name", 42 "/slash-at-the-beginning", 43 "slash-at-the-end/", 44 "", 45 randomString(100), 46 "TestDBname", 47 } 48 for _, v := range invalidNames { 49 _, errors := validateRedshiftClusterDbName(v, "name") 50 if len(errors) == 0 { 51 t.Fatalf("%q should be an invalid Redshift DBName", v) 52 } 53 } 54 } 55 56 func TestAccAWSRedshiftCluster_basic(t *testing.T) { 57 var v redshift.Cluster 58 59 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 60 config := fmt.Sprintf(testAccAWSRedshiftClusterConfig_basic, ri) 61 62 resource.Test(t, resource.TestCase{ 63 PreCheck: func() { testAccPreCheck(t) }, 64 Providers: testAccProviders, 65 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 66 Steps: []resource.TestStep{ 67 { 68 Config: config, 69 Check: resource.ComposeTestCheckFunc( 70 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 71 resource.TestCheckResourceAttr( 72 "aws_redshift_cluster.default", "cluster_type", "single-node"), 73 resource.TestCheckResourceAttr( 74 "aws_redshift_cluster.default", "publicly_accessible", "true"), 75 ), 76 }, 77 }, 78 }) 79 } 80 81 func TestAccAWSRedshiftCluster_withFinalSnapshot(t *testing.T) { 82 var v redshift.Cluster 83 84 rInt := acctest.RandInt() 85 86 resource.Test(t, resource.TestCase{ 87 PreCheck: func() { testAccPreCheck(t) }, 88 Providers: testAccProviders, 89 CheckDestroy: testAccCheckAWSRedshiftClusterSnapshot(rInt), 90 Steps: []resource.TestStep{ 91 { 92 Config: testAccAWSRedshiftClusterConfigWithFinalSnapshot(rInt), 93 Check: resource.ComposeTestCheckFunc( 94 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 95 ), 96 }, 97 }, 98 }) 99 } 100 101 func TestAccAWSRedshiftCluster_kmsKey(t *testing.T) { 102 var v redshift.Cluster 103 104 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 105 config := fmt.Sprintf(testAccAWSRedshiftClusterConfig_kmsKey, ri, ri) 106 keyRegex := regexp.MustCompile("^arn:aws:([a-zA-Z0-9\\-])+:([a-z]{2}-[a-z]+-\\d{1})?:(\\d{12})?:(.*)$") 107 108 resource.Test(t, resource.TestCase{ 109 PreCheck: func() { testAccPreCheck(t) }, 110 Providers: testAccProviders, 111 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 112 Steps: []resource.TestStep{ 113 { 114 Config: config, 115 Check: resource.ComposeTestCheckFunc( 116 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 117 resource.TestCheckResourceAttr( 118 "aws_redshift_cluster.default", "cluster_type", "single-node"), 119 resource.TestCheckResourceAttr( 120 "aws_redshift_cluster.default", "publicly_accessible", "true"), 121 resource.TestMatchResourceAttr("aws_redshift_cluster.default", "kms_key_id", keyRegex), 122 ), 123 }, 124 }, 125 }) 126 } 127 128 func TestAccAWSRedshiftCluster_enhancedVpcRoutingEnabled(t *testing.T) { 129 var v redshift.Cluster 130 131 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 132 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_enhancedVpcRoutingEnabled, ri) 133 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_enhancedVpcRoutingDisabled, ri) 134 135 resource.Test(t, resource.TestCase{ 136 PreCheck: func() { testAccPreCheck(t) }, 137 Providers: testAccProviders, 138 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 139 Steps: []resource.TestStep{ 140 { 141 Config: preConfig, 142 Check: resource.ComposeTestCheckFunc( 143 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 144 resource.TestCheckResourceAttr( 145 "aws_redshift_cluster.default", "enhanced_vpc_routing", "true"), 146 ), 147 }, 148 { 149 Config: postConfig, 150 Check: resource.ComposeTestCheckFunc( 151 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 152 resource.TestCheckResourceAttr( 153 "aws_redshift_cluster.default", "enhanced_vpc_routing", "false"), 154 ), 155 }, 156 }, 157 }) 158 } 159 160 func TestAccAWSRedshiftCluster_loggingEnabled(t *testing.T) { 161 var v redshift.Cluster 162 rInt := acctest.RandInt() 163 164 resource.Test(t, resource.TestCase{ 165 PreCheck: func() { testAccPreCheck(t) }, 166 Providers: testAccProviders, 167 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 168 Steps: []resource.TestStep{ 169 { 170 Config: testAccAWSRedshiftClusterConfig_loggingEnabled(rInt), 171 Check: resource.ComposeTestCheckFunc( 172 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 173 resource.TestCheckResourceAttr( 174 "aws_redshift_cluster.default", "enable_logging", "true"), 175 resource.TestCheckResourceAttr( 176 "aws_redshift_cluster.default", "bucket_name", fmt.Sprintf("tf-redshift-logging-%d", rInt)), 177 ), 178 }, 179 180 { 181 Config: testAccAWSRedshiftClusterConfig_loggingDisabled(rInt), 182 Check: resource.ComposeTestCheckFunc( 183 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 184 resource.TestCheckResourceAttr( 185 "aws_redshift_cluster.default", "enable_logging", "false"), 186 ), 187 }, 188 }, 189 }) 190 } 191 192 func TestAccAWSRedshiftCluster_iamRoles(t *testing.T) { 193 var v redshift.Cluster 194 195 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 196 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_iamRoles, ri, ri, ri) 197 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updateIamRoles, ri, ri, ri) 198 199 resource.Test(t, resource.TestCase{ 200 PreCheck: func() { testAccPreCheck(t) }, 201 Providers: testAccProviders, 202 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 203 Steps: []resource.TestStep{ 204 { 205 Config: preConfig, 206 Check: resource.ComposeTestCheckFunc( 207 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 208 resource.TestCheckResourceAttr( 209 "aws_redshift_cluster.default", "iam_roles.#", "2"), 210 ), 211 }, 212 213 { 214 Config: postConfig, 215 Check: resource.ComposeTestCheckFunc( 216 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 217 resource.TestCheckResourceAttr( 218 "aws_redshift_cluster.default", "iam_roles.#", "1"), 219 ), 220 }, 221 }, 222 }) 223 } 224 225 func TestAccAWSRedshiftCluster_publiclyAccessible(t *testing.T) { 226 var v redshift.Cluster 227 rInt := acctest.RandInt() 228 229 resource.Test(t, resource.TestCase{ 230 PreCheck: func() { testAccPreCheck(t) }, 231 Providers: testAccProviders, 232 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 233 Steps: []resource.TestStep{ 234 { 235 Config: testAccAWSRedshiftClusterConfig_notPubliclyAccessible(rInt), 236 Check: resource.ComposeTestCheckFunc( 237 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 238 resource.TestCheckResourceAttr( 239 "aws_redshift_cluster.default", "publicly_accessible", "false"), 240 ), 241 }, 242 243 { 244 Config: testAccAWSRedshiftClusterConfig_updatePubliclyAccessible(rInt), 245 Check: resource.ComposeTestCheckFunc( 246 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 247 resource.TestCheckResourceAttr( 248 "aws_redshift_cluster.default", "publicly_accessible", "true"), 249 ), 250 }, 251 }, 252 }) 253 } 254 255 func TestAccAWSRedshiftCluster_updateNodeCount(t *testing.T) { 256 var v redshift.Cluster 257 258 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 259 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_basic, ri) 260 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updateNodeCount, ri) 261 262 resource.Test(t, resource.TestCase{ 263 PreCheck: func() { testAccPreCheck(t) }, 264 Providers: testAccProviders, 265 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 266 Steps: []resource.TestStep{ 267 { 268 Config: preConfig, 269 Check: resource.ComposeTestCheckFunc( 270 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 271 resource.TestCheckResourceAttr( 272 "aws_redshift_cluster.default", "number_of_nodes", "1"), 273 ), 274 }, 275 276 { 277 Config: postConfig, 278 Check: resource.ComposeTestCheckFunc( 279 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 280 resource.TestCheckResourceAttr( 281 "aws_redshift_cluster.default", "number_of_nodes", "2"), 282 ), 283 }, 284 }, 285 }) 286 } 287 288 func TestAccAWSRedshiftCluster_tags(t *testing.T) { 289 var v redshift.Cluster 290 291 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 292 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_tags, ri) 293 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updatedTags, ri) 294 295 resource.Test(t, resource.TestCase{ 296 PreCheck: func() { testAccPreCheck(t) }, 297 Providers: testAccProviders, 298 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 299 Steps: []resource.TestStep{ 300 { 301 Config: preConfig, 302 Check: resource.ComposeTestCheckFunc( 303 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 304 resource.TestCheckResourceAttr( 305 "aws_redshift_cluster.default", "tags.%", "3"), 306 resource.TestCheckResourceAttr("aws_redshift_cluster.default", "tags.environment", "Production"), 307 ), 308 }, 309 310 { 311 Config: postConfig, 312 Check: resource.ComposeTestCheckFunc( 313 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 314 resource.TestCheckResourceAttr( 315 "aws_redshift_cluster.default", "tags.%", "1"), 316 resource.TestCheckResourceAttr("aws_redshift_cluster.default", "tags.environment", "Production"), 317 ), 318 }, 319 }, 320 }) 321 } 322 323 func testAccCheckAWSRedshiftClusterDestroy(s *terraform.State) error { 324 for _, rs := range s.RootModule().Resources { 325 if rs.Type != "aws_redshift_cluster" { 326 continue 327 } 328 329 // Try to find the Group 330 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 331 var err error 332 resp, err := conn.DescribeClusters( 333 &redshift.DescribeClustersInput{ 334 ClusterIdentifier: aws.String(rs.Primary.ID), 335 }) 336 337 if err == nil { 338 if len(resp.Clusters) != 0 && 339 *resp.Clusters[0].ClusterIdentifier == rs.Primary.ID { 340 return fmt.Errorf("Redshift Cluster %s still exists", rs.Primary.ID) 341 } 342 } 343 344 // Return nil if the cluster is already destroyed 345 if awsErr, ok := err.(awserr.Error); ok { 346 if awsErr.Code() == "ClusterNotFound" { 347 return nil 348 } 349 } 350 351 return err 352 } 353 354 return nil 355 } 356 357 func testAccCheckAWSRedshiftClusterSnapshot(rInt int) resource.TestCheckFunc { 358 return func(s *terraform.State) error { 359 for _, rs := range s.RootModule().Resources { 360 if rs.Type != "aws_redshift_cluster" { 361 continue 362 } 363 364 var err error 365 366 // Try and delete the snapshot before we check for the cluster not found 367 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 368 369 snapshot_identifier := fmt.Sprintf("tf-acctest-snapshot-%d", rInt) 370 arn, err := buildRedshiftARN(snapshot_identifier, testAccProvider.Meta().(*AWSClient).partition, testAccProvider.Meta().(*AWSClient).accountid, testAccProvider.Meta().(*AWSClient).region) 371 tagsARN := strings.Replace(arn, ":cluster:", ":snapshot:", 1) 372 if err != nil { 373 return fmt.Errorf("Error building ARN for tags check with ARN (%s): %s", tagsARN, err) 374 } 375 376 log.Printf("[INFO] Deleting the Snapshot %s", snapshot_identifier) 377 _, snapDeleteErr := conn.DeleteClusterSnapshot( 378 &redshift.DeleteClusterSnapshotInput{ 379 SnapshotIdentifier: aws.String(snapshot_identifier), 380 }) 381 if snapDeleteErr != nil { 382 return err 383 } 384 385 //lastly check that the Cluster is missing 386 resp, err := conn.DescribeClusters( 387 &redshift.DescribeClustersInput{ 388 ClusterIdentifier: aws.String(rs.Primary.ID), 389 }) 390 391 if err == nil { 392 if len(resp.Clusters) != 0 && 393 *resp.Clusters[0].ClusterIdentifier == rs.Primary.ID { 394 return fmt.Errorf("Redshift Cluster %s still exists", rs.Primary.ID) 395 } 396 } 397 398 // Return nil if the cluster is already destroyed 399 if awsErr, ok := err.(awserr.Error); ok { 400 if awsErr.Code() == "ClusterNotFound" { 401 return nil 402 } 403 404 return err 405 } 406 407 } 408 409 return nil 410 } 411 } 412 413 func testAccCheckAWSRedshiftClusterExists(n string, v *redshift.Cluster) resource.TestCheckFunc { 414 return func(s *terraform.State) error { 415 rs, ok := s.RootModule().Resources[n] 416 if !ok { 417 return fmt.Errorf("Not found: %s", n) 418 } 419 420 if rs.Primary.ID == "" { 421 return fmt.Errorf("No Redshift Cluster Instance ID is set") 422 } 423 424 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 425 resp, err := conn.DescribeClusters(&redshift.DescribeClustersInput{ 426 ClusterIdentifier: aws.String(rs.Primary.ID), 427 }) 428 429 if err != nil { 430 return err 431 } 432 433 for _, c := range resp.Clusters { 434 if *c.ClusterIdentifier == rs.Primary.ID { 435 *v = *c 436 return nil 437 } 438 } 439 440 return fmt.Errorf("Redshift Cluster (%s) not found", rs.Primary.ID) 441 } 442 } 443 444 func TestResourceAWSRedshiftClusterIdentifierValidation(t *testing.T) { 445 cases := []struct { 446 Value string 447 ErrCount int 448 }{ 449 { 450 Value: "tEsting", 451 ErrCount: 1, 452 }, 453 { 454 Value: "1testing", 455 ErrCount: 1, 456 }, 457 { 458 Value: "testing--123", 459 ErrCount: 1, 460 }, 461 { 462 Value: "testing!", 463 ErrCount: 1, 464 }, 465 { 466 Value: "testing-", 467 ErrCount: 1, 468 }, 469 } 470 471 for _, tc := range cases { 472 _, errors := validateRedshiftClusterIdentifier(tc.Value, "aws_redshift_cluster_identifier") 473 474 if len(errors) != tc.ErrCount { 475 t.Fatalf("Expected the Redshift Cluster cluster_identifier to trigger a validation error") 476 } 477 } 478 } 479 480 func TestResourceAWSRedshiftClusterFinalSnapshotIdentifierValidation(t *testing.T) { 481 cases := []struct { 482 Value string 483 ErrCount int 484 }{ 485 { 486 Value: "testing--123", 487 ErrCount: 1, 488 }, 489 { 490 Value: "testing-", 491 ErrCount: 1, 492 }, 493 { 494 Value: "Testingq123!", 495 ErrCount: 1, 496 }, 497 { 498 Value: randomString(256), 499 ErrCount: 1, 500 }, 501 } 502 503 for _, tc := range cases { 504 _, errors := validateRedshiftClusterFinalSnapshotIdentifier(tc.Value, "aws_redshift_cluster_final_snapshot_identifier") 505 506 if len(errors) != tc.ErrCount { 507 t.Fatalf("Expected the Redshift Cluster final_snapshot_identifier to trigger a validation error") 508 } 509 } 510 } 511 512 func TestResourceAWSRedshiftClusterMasterUsernameValidation(t *testing.T) { 513 cases := []struct { 514 Value string 515 ErrCount int 516 }{ 517 { 518 Value: "1Testing", 519 ErrCount: 1, 520 }, 521 { 522 Value: "Testing!!", 523 ErrCount: 1, 524 }, 525 { 526 Value: randomString(129), 527 ErrCount: 1, 528 }, 529 { 530 Value: "testing_testing123", 531 ErrCount: 0, 532 }, 533 } 534 535 for _, tc := range cases { 536 _, errors := validateRedshiftClusterMasterUsername(tc.Value, "aws_redshift_cluster_master_username") 537 538 if len(errors) != tc.ErrCount { 539 t.Fatalf("Expected the Redshift Cluster master_username to trigger a validation error") 540 } 541 } 542 } 543 544 func TestResourceAWSRedshiftClusterMasterPasswordValidation(t *testing.T) { 545 cases := []struct { 546 Value string 547 ErrCount int 548 }{ 549 { 550 Value: "1TESTING", 551 ErrCount: 1, 552 }, 553 { 554 Value: "1testing", 555 ErrCount: 1, 556 }, 557 { 558 Value: "TestTest", 559 ErrCount: 1, 560 }, 561 { 562 Value: "T3st", 563 ErrCount: 1, 564 }, 565 { 566 Value: "1Testing", 567 ErrCount: 0, 568 }, 569 { 570 Value: "1Testing@", 571 ErrCount: 1, 572 }, 573 } 574 575 for _, tc := range cases { 576 _, errors := validateRedshiftClusterMasterPassword(tc.Value, "aws_redshift_cluster_master_password") 577 578 if len(errors) != tc.ErrCount { 579 t.Fatalf("Expected the Redshift Cluster master_password to trigger a validation error") 580 } 581 } 582 } 583 584 var testAccAWSRedshiftClusterConfig_updateNodeCount = ` 585 resource "aws_redshift_cluster" "default" { 586 cluster_identifier = "tf-redshift-cluster-%d" 587 availability_zone = "us-west-2a" 588 database_name = "mydb" 589 master_username = "foo_test" 590 master_password = "Mustbe8characters" 591 node_type = "dc1.large" 592 automated_snapshot_retention_period = 0 593 allow_version_upgrade = false 594 number_of_nodes = 2 595 skip_final_snapshot = true 596 } 597 ` 598 599 var testAccAWSRedshiftClusterConfig_basic = ` 600 resource "aws_redshift_cluster" "default" { 601 cluster_identifier = "tf-redshift-cluster-%d" 602 availability_zone = "us-west-2a" 603 database_name = "mydb" 604 master_username = "foo_test" 605 master_password = "Mustbe8characters" 606 node_type = "dc1.large" 607 automated_snapshot_retention_period = 0 608 allow_version_upgrade = false 609 skip_final_snapshot = true 610 }` 611 612 func testAccAWSRedshiftClusterConfigWithFinalSnapshot(rInt int) string { 613 return fmt.Sprintf(` 614 resource "aws_redshift_cluster" "default" { 615 cluster_identifier = "tf-redshift-cluster-%d" 616 availability_zone = "us-west-2a" 617 database_name = "mydb" 618 master_username = "foo_test" 619 master_password = "Mustbe8characters" 620 node_type = "dc1.large" 621 automated_snapshot_retention_period = 0 622 allow_version_upgrade = false 623 skip_final_snapshot = false 624 final_snapshot_identifier = "tf-acctest-snapshot-%d" 625 }`, rInt, rInt) 626 } 627 628 var testAccAWSRedshiftClusterConfig_kmsKey = ` 629 resource "aws_kms_key" "foo" { 630 description = "Terraform acc test %d" 631 policy = <<POLICY 632 { 633 "Version": "2012-10-17", 634 "Id": "kms-tf-1", 635 "Statement": [ 636 { 637 "Sid": "Enable IAM User Permissions", 638 "Effect": "Allow", 639 "Principal": { 640 "AWS": "*" 641 }, 642 "Action": "kms:*", 643 "Resource": "*" 644 } 645 ] 646 } 647 POLICY 648 } 649 650 resource "aws_redshift_cluster" "default" { 651 cluster_identifier = "tf-redshift-cluster-%d" 652 availability_zone = "us-west-2a" 653 database_name = "mydb" 654 master_username = "foo_test" 655 master_password = "Mustbe8characters" 656 node_type = "dc1.large" 657 automated_snapshot_retention_period = 0 658 allow_version_upgrade = false 659 kms_key_id = "${aws_kms_key.foo.arn}" 660 encrypted = true 661 skip_final_snapshot = true 662 }` 663 664 var testAccAWSRedshiftClusterConfig_enhancedVpcRoutingEnabled = ` 665 resource "aws_redshift_cluster" "default" { 666 cluster_identifier = "tf-redshift-cluster-%d" 667 availability_zone = "us-west-2a" 668 database_name = "mydb" 669 master_username = "foo_test" 670 master_password = "Mustbe8characters" 671 node_type = "dc1.large" 672 automated_snapshot_retention_period = 0 673 allow_version_upgrade = false 674 enhanced_vpc_routing = true 675 skip_final_snapshot = true 676 } 677 ` 678 679 var testAccAWSRedshiftClusterConfig_enhancedVpcRoutingDisabled = ` 680 resource "aws_redshift_cluster" "default" { 681 cluster_identifier = "tf-redshift-cluster-%d" 682 availability_zone = "us-west-2a" 683 database_name = "mydb" 684 master_username = "foo_test" 685 master_password = "Mustbe8characters" 686 node_type = "dc1.large" 687 automated_snapshot_retention_period = 0 688 allow_version_upgrade = false 689 enhanced_vpc_routing = false 690 skip_final_snapshot = true 691 } 692 ` 693 694 func testAccAWSRedshiftClusterConfig_loggingDisabled(rInt int) string { 695 return fmt.Sprintf(` 696 resource "aws_redshift_cluster" "default" { 697 cluster_identifier = "tf-redshift-cluster-%d" 698 availability_zone = "us-west-2a" 699 database_name = "mydb" 700 master_username = "foo_test" 701 master_password = "Mustbe8characters" 702 node_type = "dc1.large" 703 automated_snapshot_retention_period = 0 704 allow_version_upgrade = false 705 enable_logging = false 706 skip_final_snapshot = true 707 }`, rInt) 708 } 709 710 func testAccAWSRedshiftClusterConfig_loggingEnabled(rInt int) string { 711 return fmt.Sprintf(` 712 resource "aws_s3_bucket" "bucket" { 713 bucket = "tf-redshift-logging-%d" 714 force_destroy = true 715 policy = <<EOF 716 { 717 "Version": "2008-10-17", 718 "Statement": [ 719 { 720 "Sid": "Stmt1376526643067", 721 "Effect": "Allow", 722 "Principal": { 723 "AWS": "arn:aws:iam::902366379725:user/logs" 724 }, 725 "Action": "s3:PutObject", 726 "Resource": "arn:aws:s3:::tf-redshift-logging-%d/*" 727 }, 728 { 729 "Sid": "Stmt137652664067", 730 "Effect": "Allow", 731 "Principal": { 732 "AWS": "arn:aws:iam::902366379725:user/logs" 733 }, 734 "Action": "s3:GetBucketAcl", 735 "Resource": "arn:aws:s3:::tf-redshift-logging-%d" 736 } 737 ] 738 } 739 EOF 740 } 741 742 743 resource "aws_redshift_cluster" "default" { 744 cluster_identifier = "tf-redshift-cluster-%d" 745 availability_zone = "us-west-2a" 746 database_name = "mydb" 747 master_username = "foo_test" 748 master_password = "Mustbe8characters" 749 node_type = "dc1.large" 750 automated_snapshot_retention_period = 0 751 allow_version_upgrade = false 752 enable_logging = true 753 bucket_name = "${aws_s3_bucket.bucket.bucket}" 754 skip_final_snapshot = true 755 }`, rInt, rInt, rInt, rInt) 756 } 757 758 var testAccAWSRedshiftClusterConfig_tags = ` 759 resource "aws_redshift_cluster" "default" { 760 cluster_identifier = "tf-redshift-cluster-%d" 761 availability_zone = "us-west-2a" 762 database_name = "mydb" 763 master_username = "foo" 764 master_password = "Mustbe8characters" 765 node_type = "dc1.large" 766 automated_snapshot_retention_period = 7 767 allow_version_upgrade = false 768 skip_final_snapshot = true 769 tags { 770 environment = "Production" 771 cluster = "reader" 772 Type = "master" 773 } 774 }` 775 776 var testAccAWSRedshiftClusterConfig_updatedTags = ` 777 resource "aws_redshift_cluster" "default" { 778 cluster_identifier = "tf-redshift-cluster-%d" 779 availability_zone = "us-west-2a" 780 database_name = "mydb" 781 master_username = "foo" 782 master_password = "Mustbe8characters" 783 node_type = "dc1.large" 784 automated_snapshot_retention_period = 7 785 allow_version_upgrade = false 786 skip_final_snapshot = true 787 tags { 788 environment = "Production" 789 } 790 }` 791 792 func testAccAWSRedshiftClusterConfig_notPubliclyAccessible(rInt int) string { 793 return fmt.Sprintf(` 794 resource "aws_vpc" "foo" { 795 cidr_block = "10.1.0.0/16" 796 } 797 resource "aws_internet_gateway" "foo" { 798 vpc_id = "${aws_vpc.foo.id}" 799 tags { 800 foo = "bar" 801 } 802 } 803 resource "aws_subnet" "foo" { 804 cidr_block = "10.1.1.0/24" 805 availability_zone = "us-west-2a" 806 vpc_id = "${aws_vpc.foo.id}" 807 tags { 808 Name = "tf-dbsubnet-test-1" 809 } 810 } 811 resource "aws_subnet" "bar" { 812 cidr_block = "10.1.2.0/24" 813 availability_zone = "us-west-2b" 814 vpc_id = "${aws_vpc.foo.id}" 815 tags { 816 Name = "tf-dbsubnet-test-2" 817 } 818 } 819 resource "aws_subnet" "foobar" { 820 cidr_block = "10.1.3.0/24" 821 availability_zone = "us-west-2c" 822 vpc_id = "${aws_vpc.foo.id}" 823 tags { 824 Name = "tf-dbsubnet-test-3" 825 } 826 } 827 resource "aws_redshift_subnet_group" "foo" { 828 name = "foo-%d" 829 description = "foo description" 830 subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}", "${aws_subnet.foobar.id}"] 831 } 832 resource "aws_redshift_cluster" "default" { 833 cluster_identifier = "tf-redshift-cluster-%d" 834 availability_zone = "us-west-2a" 835 database_name = "mydb" 836 master_username = "foo" 837 master_password = "Mustbe8characters" 838 node_type = "dc1.large" 839 automated_snapshot_retention_period = 0 840 allow_version_upgrade = false 841 cluster_subnet_group_name = "${aws_redshift_subnet_group.foo.name}" 842 publicly_accessible = false 843 skip_final_snapshot = true 844 }`, rInt, rInt) 845 } 846 847 func testAccAWSRedshiftClusterConfig_updatePubliclyAccessible(rInt int) string { 848 return fmt.Sprintf(` 849 resource "aws_vpc" "foo" { 850 cidr_block = "10.1.0.0/16" 851 } 852 resource "aws_internet_gateway" "foo" { 853 vpc_id = "${aws_vpc.foo.id}" 854 tags { 855 foo = "bar" 856 } 857 } 858 resource "aws_subnet" "foo" { 859 cidr_block = "10.1.1.0/24" 860 availability_zone = "us-west-2a" 861 vpc_id = "${aws_vpc.foo.id}" 862 tags { 863 Name = "tf-dbsubnet-test-1" 864 } 865 } 866 resource "aws_subnet" "bar" { 867 cidr_block = "10.1.2.0/24" 868 availability_zone = "us-west-2b" 869 vpc_id = "${aws_vpc.foo.id}" 870 tags { 871 Name = "tf-dbsubnet-test-2" 872 } 873 } 874 resource "aws_subnet" "foobar" { 875 cidr_block = "10.1.3.0/24" 876 availability_zone = "us-west-2c" 877 vpc_id = "${aws_vpc.foo.id}" 878 tags { 879 Name = "tf-dbsubnet-test-3" 880 } 881 } 882 resource "aws_redshift_subnet_group" "foo" { 883 name = "foo-%d" 884 description = "foo description" 885 subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}", "${aws_subnet.foobar.id}"] 886 } 887 resource "aws_redshift_cluster" "default" { 888 cluster_identifier = "tf-redshift-cluster-%d" 889 availability_zone = "us-west-2a" 890 database_name = "mydb" 891 master_username = "foo" 892 master_password = "Mustbe8characters" 893 node_type = "dc1.large" 894 automated_snapshot_retention_period = 0 895 allow_version_upgrade = false 896 cluster_subnet_group_name = "${aws_redshift_subnet_group.foo.name}" 897 publicly_accessible = true 898 skip_final_snapshot = true 899 }`, rInt, rInt) 900 } 901 902 var testAccAWSRedshiftClusterConfig_iamRoles = ` 903 resource "aws_iam_role" "ec2-role" { 904 name = "test-role-ec2-%d" 905 path = "/" 906 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 907 } 908 909 resource "aws_iam_role" "lambda-role" { 910 name = "test-role-lambda-%d" 911 path = "/" 912 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"lambda.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 913 } 914 915 resource "aws_redshift_cluster" "default" { 916 cluster_identifier = "tf-redshift-cluster-%d" 917 availability_zone = "us-west-2a" 918 database_name = "mydb" 919 master_username = "foo_test" 920 master_password = "Mustbe8characters" 921 node_type = "dc1.large" 922 automated_snapshot_retention_period = 0 923 allow_version_upgrade = false 924 iam_roles = ["${aws_iam_role.ec2-role.arn}", "${aws_iam_role.lambda-role.arn}"] 925 skip_final_snapshot = true 926 }` 927 928 var testAccAWSRedshiftClusterConfig_updateIamRoles = ` 929 resource "aws_iam_role" "ec2-role" { 930 name = "test-role-ec2-%d" 931 path = "/" 932 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 933 } 934 935 resource "aws_iam_role" "lambda-role" { 936 name = "test-role-lambda-%d" 937 path = "/" 938 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"lambda.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 939 } 940 941 resource "aws_redshift_cluster" "default" { 942 cluster_identifier = "tf-redshift-cluster-%d" 943 availability_zone = "us-west-2a" 944 database_name = "mydb" 945 master_username = "foo_test" 946 master_password = "Mustbe8characters" 947 node_type = "dc1.large" 948 automated_snapshot_retention_period = 0 949 allow_version_upgrade = false 950 iam_roles = ["${aws_iam_role.ec2-role.arn}"] 951 skip_final_snapshot = true 952 }`