github.com/minamijoyo/terraform@v0.7.8-0.20161029001309-18b3736ba44b/builtin/providers/aws/resource_aws_redshift_cluster_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "math/rand" 6 "testing" 7 "time" 8 9 "github.com/aws/aws-sdk-go/aws" 10 "github.com/aws/aws-sdk-go/aws/awserr" 11 "github.com/aws/aws-sdk-go/service/redshift" 12 "github.com/hashicorp/terraform/helper/resource" 13 "github.com/hashicorp/terraform/terraform" 14 ) 15 16 func TestAccAWSRedshiftCluster_basic(t *testing.T) { 17 var v redshift.Cluster 18 19 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 20 config := fmt.Sprintf(testAccAWSRedshiftClusterConfig_basic, ri) 21 22 resource.Test(t, resource.TestCase{ 23 PreCheck: func() { testAccPreCheck(t) }, 24 Providers: testAccProviders, 25 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 26 Steps: []resource.TestStep{ 27 resource.TestStep{ 28 Config: config, 29 Check: resource.ComposeTestCheckFunc( 30 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 31 resource.TestCheckResourceAttr( 32 "aws_redshift_cluster.default", "cluster_type", "single-node"), 33 resource.TestCheckResourceAttr( 34 "aws_redshift_cluster.default", "publicly_accessible", "true"), 35 ), 36 }, 37 }, 38 }) 39 } 40 41 func TestAccAWSRedshiftCluster_loggingEnabled(t *testing.T) { 42 var v redshift.Cluster 43 44 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 45 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_loggingEnabled, ri) 46 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_loggingDisabled, ri) 47 48 resource.Test(t, resource.TestCase{ 49 PreCheck: func() { testAccPreCheck(t) }, 50 Providers: testAccProviders, 51 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 52 Steps: []resource.TestStep{ 53 resource.TestStep{ 54 Config: preConfig, 55 Check: resource.ComposeTestCheckFunc( 56 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 57 resource.TestCheckResourceAttr( 58 "aws_redshift_cluster.default", "enable_logging", "true"), 59 resource.TestCheckResourceAttr( 60 "aws_redshift_cluster.default", "bucket_name", "tf-redshift-logging-test-bucket"), 61 ), 62 }, 63 64 resource.TestStep{ 65 Config: postConfig, 66 Check: resource.ComposeTestCheckFunc( 67 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 68 resource.TestCheckResourceAttr( 69 "aws_redshift_cluster.default", "enable_logging", "false"), 70 ), 71 }, 72 }, 73 }) 74 } 75 76 func TestAccAWSRedshiftCluster_iamRoles(t *testing.T) { 77 var v redshift.Cluster 78 79 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 80 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_iamRoles, ri, ri, ri) 81 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updateIamRoles, ri, ri, ri) 82 83 resource.Test(t, resource.TestCase{ 84 PreCheck: func() { testAccPreCheck(t) }, 85 Providers: testAccProviders, 86 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 87 Steps: []resource.TestStep{ 88 resource.TestStep{ 89 Config: preConfig, 90 Check: resource.ComposeTestCheckFunc( 91 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 92 resource.TestCheckResourceAttr( 93 "aws_redshift_cluster.default", "iam_roles.#", "2"), 94 ), 95 }, 96 97 resource.TestStep{ 98 Config: postConfig, 99 Check: resource.ComposeTestCheckFunc( 100 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 101 resource.TestCheckResourceAttr( 102 "aws_redshift_cluster.default", "iam_roles.#", "1"), 103 ), 104 }, 105 }, 106 }) 107 } 108 109 func TestAccAWSRedshiftCluster_publiclyAccessible(t *testing.T) { 110 var v redshift.Cluster 111 112 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 113 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_notPubliclyAccessible, ri) 114 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updatePubliclyAccessible, ri) 115 116 resource.Test(t, resource.TestCase{ 117 PreCheck: func() { testAccPreCheck(t) }, 118 Providers: testAccProviders, 119 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 120 Steps: []resource.TestStep{ 121 resource.TestStep{ 122 Config: preConfig, 123 Check: resource.ComposeTestCheckFunc( 124 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 125 resource.TestCheckResourceAttr( 126 "aws_redshift_cluster.default", "publicly_accessible", "false"), 127 ), 128 }, 129 130 resource.TestStep{ 131 Config: postConfig, 132 Check: resource.ComposeTestCheckFunc( 133 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 134 resource.TestCheckResourceAttr( 135 "aws_redshift_cluster.default", "publicly_accessible", "true"), 136 ), 137 }, 138 }, 139 }) 140 } 141 142 func TestAccAWSRedshiftCluster_updateNodeCount(t *testing.T) { 143 var v redshift.Cluster 144 145 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 146 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_basic, ri) 147 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updateNodeCount, ri) 148 149 resource.Test(t, resource.TestCase{ 150 PreCheck: func() { testAccPreCheck(t) }, 151 Providers: testAccProviders, 152 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 153 Steps: []resource.TestStep{ 154 resource.TestStep{ 155 Config: preConfig, 156 Check: resource.ComposeTestCheckFunc( 157 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 158 resource.TestCheckResourceAttr( 159 "aws_redshift_cluster.default", "number_of_nodes", "1"), 160 ), 161 }, 162 163 resource.TestStep{ 164 Config: postConfig, 165 Check: resource.ComposeTestCheckFunc( 166 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 167 resource.TestCheckResourceAttr( 168 "aws_redshift_cluster.default", "number_of_nodes", "2"), 169 ), 170 }, 171 }, 172 }) 173 } 174 175 func TestAccAWSRedshiftCluster_tags(t *testing.T) { 176 var v redshift.Cluster 177 178 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 179 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_tags, ri) 180 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updatedTags, ri) 181 182 resource.Test(t, resource.TestCase{ 183 PreCheck: func() { testAccPreCheck(t) }, 184 Providers: testAccProviders, 185 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 186 Steps: []resource.TestStep{ 187 resource.TestStep{ 188 Config: preConfig, 189 Check: resource.ComposeTestCheckFunc( 190 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 191 resource.TestCheckResourceAttr( 192 "aws_redshift_cluster.default", "tags.%", "3"), 193 resource.TestCheckResourceAttr("aws_redshift_cluster.default", "tags.environment", "Production"), 194 ), 195 }, 196 197 resource.TestStep{ 198 Config: postConfig, 199 Check: resource.ComposeTestCheckFunc( 200 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 201 resource.TestCheckResourceAttr( 202 "aws_redshift_cluster.default", "tags.%", "1"), 203 resource.TestCheckResourceAttr("aws_redshift_cluster.default", "tags.environment", "Production"), 204 ), 205 }, 206 }, 207 }) 208 } 209 210 func testAccCheckAWSRedshiftClusterDestroy(s *terraform.State) error { 211 for _, rs := range s.RootModule().Resources { 212 if rs.Type != "aws_redshift_cluster" { 213 continue 214 } 215 216 // Try to find the Group 217 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 218 var err error 219 resp, err := conn.DescribeClusters( 220 &redshift.DescribeClustersInput{ 221 ClusterIdentifier: aws.String(rs.Primary.ID), 222 }) 223 224 if err == nil { 225 if len(resp.Clusters) != 0 && 226 *resp.Clusters[0].ClusterIdentifier == rs.Primary.ID { 227 return fmt.Errorf("Redshift Cluster %s still exists", rs.Primary.ID) 228 } 229 } 230 231 // Return nil if the cluster is already destroyed 232 if awsErr, ok := err.(awserr.Error); ok { 233 if awsErr.Code() == "ClusterNotFound" { 234 return nil 235 } 236 } 237 238 return err 239 } 240 241 return nil 242 } 243 244 func testAccCheckAWSRedshiftClusterExists(n string, v *redshift.Cluster) resource.TestCheckFunc { 245 return func(s *terraform.State) error { 246 rs, ok := s.RootModule().Resources[n] 247 if !ok { 248 return fmt.Errorf("Not found: %s", n) 249 } 250 251 if rs.Primary.ID == "" { 252 return fmt.Errorf("No Redshift Cluster Instance ID is set") 253 } 254 255 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 256 resp, err := conn.DescribeClusters(&redshift.DescribeClustersInput{ 257 ClusterIdentifier: aws.String(rs.Primary.ID), 258 }) 259 260 if err != nil { 261 return err 262 } 263 264 for _, c := range resp.Clusters { 265 if *c.ClusterIdentifier == rs.Primary.ID { 266 *v = *c 267 return nil 268 } 269 } 270 271 return fmt.Errorf("Redshift Cluster (%s) not found", rs.Primary.ID) 272 } 273 } 274 275 func TestResourceAWSRedshiftClusterIdentifierValidation(t *testing.T) { 276 cases := []struct { 277 Value string 278 ErrCount int 279 }{ 280 { 281 Value: "tEsting", 282 ErrCount: 1, 283 }, 284 { 285 Value: "1testing", 286 ErrCount: 1, 287 }, 288 { 289 Value: "testing--123", 290 ErrCount: 1, 291 }, 292 { 293 Value: "testing!", 294 ErrCount: 1, 295 }, 296 { 297 Value: "testing-", 298 ErrCount: 1, 299 }, 300 } 301 302 for _, tc := range cases { 303 _, errors := validateRedshiftClusterIdentifier(tc.Value, "aws_redshift_cluster_identifier") 304 305 if len(errors) != tc.ErrCount { 306 t.Fatalf("Expected the Redshift Cluster cluster_identifier to trigger a validation error") 307 } 308 } 309 } 310 311 func TestResourceAWSRedshiftClusterDbNameValidation(t *testing.T) { 312 cases := []struct { 313 Value string 314 ErrCount int 315 }{ 316 { 317 Value: "tEsting", 318 ErrCount: 1, 319 }, 320 { 321 Value: "testing1", 322 ErrCount: 0, 323 }, 324 { 325 Value: "testing-", 326 ErrCount: 1, 327 }, 328 { 329 Value: "", 330 ErrCount: 2, 331 }, 332 { 333 Value: randomString(65), 334 ErrCount: 1, 335 }, 336 } 337 338 for _, tc := range cases { 339 _, errors := validateRedshiftClusterDbName(tc.Value, "aws_redshift_cluster_database_name") 340 341 if len(errors) != tc.ErrCount { 342 t.Fatalf("Expected the Redshift Cluster database_name to trigger a validation error") 343 } 344 } 345 } 346 347 func TestResourceAWSRedshiftClusterFinalSnapshotIdentifierValidation(t *testing.T) { 348 cases := []struct { 349 Value string 350 ErrCount int 351 }{ 352 { 353 Value: "testing--123", 354 ErrCount: 1, 355 }, 356 { 357 Value: "testing-", 358 ErrCount: 1, 359 }, 360 { 361 Value: "Testingq123!", 362 ErrCount: 1, 363 }, 364 { 365 Value: randomString(256), 366 ErrCount: 1, 367 }, 368 } 369 370 for _, tc := range cases { 371 _, errors := validateRedshiftClusterFinalSnapshotIdentifier(tc.Value, "aws_redshift_cluster_final_snapshot_identifier") 372 373 if len(errors) != tc.ErrCount { 374 t.Fatalf("Expected the Redshift Cluster final_snapshot_identifier to trigger a validation error") 375 } 376 } 377 } 378 379 func TestResourceAWSRedshiftClusterMasterUsernameValidation(t *testing.T) { 380 cases := []struct { 381 Value string 382 ErrCount int 383 }{ 384 { 385 Value: "1Testing", 386 ErrCount: 1, 387 }, 388 { 389 Value: "Testing!!", 390 ErrCount: 1, 391 }, 392 { 393 Value: randomString(129), 394 ErrCount: 1, 395 }, 396 { 397 Value: "testing_testing123", 398 ErrCount: 0, 399 }, 400 } 401 402 for _, tc := range cases { 403 _, errors := validateRedshiftClusterMasterUsername(tc.Value, "aws_redshift_cluster_master_username") 404 405 if len(errors) != tc.ErrCount { 406 t.Fatalf("Expected the Redshift Cluster master_username to trigger a validation error") 407 } 408 } 409 } 410 411 func TestResourceAWSRedshiftClusterMasterPasswordValidation(t *testing.T) { 412 cases := []struct { 413 Value string 414 ErrCount int 415 }{ 416 { 417 Value: "1TESTING", 418 ErrCount: 1, 419 }, 420 { 421 Value: "1testing", 422 ErrCount: 1, 423 }, 424 { 425 Value: "TestTest", 426 ErrCount: 1, 427 }, 428 { 429 Value: "T3st", 430 ErrCount: 1, 431 }, 432 { 433 Value: "1Testing", 434 ErrCount: 0, 435 }, 436 } 437 438 for _, tc := range cases { 439 _, errors := validateRedshiftClusterMasterPassword(tc.Value, "aws_redshift_cluster_master_password") 440 441 if len(errors) != tc.ErrCount { 442 t.Fatalf("Expected the Redshift Cluster master_password to trigger a validation error") 443 } 444 } 445 } 446 447 var testAccAWSRedshiftClusterConfig_updateNodeCount = ` 448 resource "aws_redshift_cluster" "default" { 449 cluster_identifier = "tf-redshift-cluster-%d" 450 availability_zone = "us-west-2a" 451 database_name = "mydb" 452 master_username = "foo_test" 453 master_password = "Mustbe8characters" 454 node_type = "dc1.large" 455 automated_snapshot_retention_period = 0 456 allow_version_upgrade = false 457 number_of_nodes = 2 458 } 459 ` 460 461 var testAccAWSRedshiftClusterConfig_basic = ` 462 resource "aws_redshift_cluster" "default" { 463 cluster_identifier = "tf-redshift-cluster-%d" 464 availability_zone = "us-west-2a" 465 database_name = "mydb" 466 master_username = "foo_test" 467 master_password = "Mustbe8characters" 468 node_type = "dc1.large" 469 automated_snapshot_retention_period = 0 470 allow_version_upgrade = false 471 }` 472 473 var testAccAWSRedshiftClusterConfig_loggingDisabled = ` 474 resource "aws_redshift_cluster" "default" { 475 cluster_identifier = "tf-redshift-cluster-%d" 476 availability_zone = "us-west-2a" 477 database_name = "mydb" 478 master_username = "foo_test" 479 master_password = "Mustbe8characters" 480 node_type = "dc1.large" 481 automated_snapshot_retention_period = 0 482 allow_version_upgrade = false 483 enable_logging = false 484 } 485 ` 486 487 var testAccAWSRedshiftClusterConfig_loggingEnabled = ` 488 resource "aws_s3_bucket" "bucket" { 489 bucket = "tf-redshift-logging-test-bucket" 490 force_destroy = true 491 policy = <<EOF 492 { 493 "Version": "2008-10-17", 494 "Statement": [ 495 { 496 "Sid": "Stmt1376526643067", 497 "Effect": "Allow", 498 "Principal": { 499 "AWS": "arn:aws:iam::902366379725:user/logs" 500 }, 501 "Action": "s3:PutObject", 502 "Resource": "arn:aws:s3:::tf-redshift-logging-test-bucket/*" 503 }, 504 { 505 "Sid": "Stmt137652664067", 506 "Effect": "Allow", 507 "Principal": { 508 "AWS": "arn:aws:iam::902366379725:user/logs" 509 }, 510 "Action": "s3:GetBucketAcl", 511 "Resource": "arn:aws:s3:::tf-redshift-logging-test-bucket" 512 } 513 ] 514 } 515 EOF 516 } 517 518 resource "aws_redshift_cluster" "default" { 519 cluster_identifier = "tf-redshift-cluster-%d" 520 availability_zone = "us-west-2a" 521 database_name = "mydb" 522 master_username = "foo_test" 523 master_password = "Mustbe8characters" 524 node_type = "dc1.large" 525 automated_snapshot_retention_period = 0 526 allow_version_upgrade = false 527 enable_logging = true 528 bucket_name = "${aws_s3_bucket.bucket.bucket}" 529 }` 530 531 var testAccAWSRedshiftClusterConfig_tags = ` 532 resource "aws_redshift_cluster" "default" { 533 cluster_identifier = "tf-redshift-cluster-%d" 534 availability_zone = "us-west-2a" 535 database_name = "mydb" 536 master_username = "foo" 537 master_password = "Mustbe8characters" 538 node_type = "dc1.large" 539 automated_snapshot_retention_period = 7 540 allow_version_upgrade = false 541 tags { 542 environment = "Production" 543 cluster = "reader" 544 Type = "master" 545 } 546 }` 547 548 var testAccAWSRedshiftClusterConfig_updatedTags = ` 549 resource "aws_redshift_cluster" "default" { 550 cluster_identifier = "tf-redshift-cluster-%d" 551 availability_zone = "us-west-2a" 552 database_name = "mydb" 553 master_username = "foo" 554 master_password = "Mustbe8characters" 555 node_type = "dc1.large" 556 automated_snapshot_retention_period = 7 557 allow_version_upgrade = false 558 tags { 559 environment = "Production" 560 } 561 }` 562 563 var testAccAWSRedshiftClusterConfig_notPubliclyAccessible = ` 564 resource "aws_vpc" "foo" { 565 cidr_block = "10.1.0.0/16" 566 } 567 resource "aws_internet_gateway" "foo" { 568 vpc_id = "${aws_vpc.foo.id}" 569 tags { 570 foo = "bar" 571 } 572 } 573 resource "aws_subnet" "foo" { 574 cidr_block = "10.1.1.0/24" 575 availability_zone = "us-west-2a" 576 vpc_id = "${aws_vpc.foo.id}" 577 tags { 578 Name = "tf-dbsubnet-test-1" 579 } 580 } 581 resource "aws_subnet" "bar" { 582 cidr_block = "10.1.2.0/24" 583 availability_zone = "us-west-2b" 584 vpc_id = "${aws_vpc.foo.id}" 585 tags { 586 Name = "tf-dbsubnet-test-2" 587 } 588 } 589 resource "aws_subnet" "foobar" { 590 cidr_block = "10.1.3.0/24" 591 availability_zone = "us-west-2c" 592 vpc_id = "${aws_vpc.foo.id}" 593 tags { 594 Name = "tf-dbsubnet-test-3" 595 } 596 } 597 resource "aws_redshift_subnet_group" "foo" { 598 name = "foo" 599 description = "foo description" 600 subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}", "${aws_subnet.foobar.id}"] 601 } 602 resource "aws_redshift_cluster" "default" { 603 cluster_identifier = "tf-redshift-cluster-%d" 604 availability_zone = "us-west-2a" 605 database_name = "mydb" 606 master_username = "foo" 607 master_password = "Mustbe8characters" 608 node_type = "dc1.large" 609 automated_snapshot_retention_period = 0 610 allow_version_upgrade = false 611 cluster_subnet_group_name = "${aws_redshift_subnet_group.foo.name}" 612 publicly_accessible = false 613 }` 614 615 var testAccAWSRedshiftClusterConfig_updatePubliclyAccessible = ` 616 resource "aws_vpc" "foo" { 617 cidr_block = "10.1.0.0/16" 618 } 619 resource "aws_internet_gateway" "foo" { 620 vpc_id = "${aws_vpc.foo.id}" 621 tags { 622 foo = "bar" 623 } 624 } 625 resource "aws_subnet" "foo" { 626 cidr_block = "10.1.1.0/24" 627 availability_zone = "us-west-2a" 628 vpc_id = "${aws_vpc.foo.id}" 629 tags { 630 Name = "tf-dbsubnet-test-1" 631 } 632 } 633 resource "aws_subnet" "bar" { 634 cidr_block = "10.1.2.0/24" 635 availability_zone = "us-west-2b" 636 vpc_id = "${aws_vpc.foo.id}" 637 tags { 638 Name = "tf-dbsubnet-test-2" 639 } 640 } 641 resource "aws_subnet" "foobar" { 642 cidr_block = "10.1.3.0/24" 643 availability_zone = "us-west-2c" 644 vpc_id = "${aws_vpc.foo.id}" 645 tags { 646 Name = "tf-dbsubnet-test-3" 647 } 648 } 649 resource "aws_redshift_subnet_group" "foo" { 650 name = "foo" 651 description = "foo description" 652 subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}", "${aws_subnet.foobar.id}"] 653 } 654 resource "aws_redshift_cluster" "default" { 655 cluster_identifier = "tf-redshift-cluster-%d" 656 availability_zone = "us-west-2a" 657 database_name = "mydb" 658 master_username = "foo" 659 master_password = "Mustbe8characters" 660 node_type = "dc1.large" 661 automated_snapshot_retention_period = 0 662 allow_version_upgrade = false 663 cluster_subnet_group_name = "${aws_redshift_subnet_group.foo.name}" 664 publicly_accessible = true 665 }` 666 667 var testAccAWSRedshiftClusterConfig_iamRoles = ` 668 resource "aws_iam_role" "ec2-role" { 669 name = "test-role-ec2-%d" 670 path = "/" 671 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 672 } 673 674 resource "aws_iam_role" "lambda-role" { 675 name = "test-role-lambda-%d" 676 path = "/" 677 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"lambda.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 678 } 679 680 resource "aws_redshift_cluster" "default" { 681 cluster_identifier = "tf-redshift-cluster-%d" 682 availability_zone = "us-west-2a" 683 database_name = "mydb" 684 master_username = "foo_test" 685 master_password = "Mustbe8characters" 686 node_type = "dc1.large" 687 automated_snapshot_retention_period = 0 688 allow_version_upgrade = false 689 iam_roles = ["${aws_iam_role.ec2-role.arn}", "${aws_iam_role.lambda-role.arn}"] 690 }` 691 692 var testAccAWSRedshiftClusterConfig_updateIamRoles = ` 693 resource "aws_iam_role" "ec2-role" { 694 name = "test-role-ec2-%d" 695 path = "/" 696 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 697 } 698 699 resource "aws_iam_role" "lambda-role" { 700 name = "test-role-lambda-%d" 701 path = "/" 702 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"lambda.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 703 } 704 705 resource "aws_redshift_cluster" "default" { 706 cluster_identifier = "tf-redshift-cluster-%d" 707 availability_zone = "us-west-2a" 708 database_name = "mydb" 709 master_username = "foo_test" 710 master_password = "Mustbe8characters" 711 node_type = "dc1.large" 712 automated_snapshot_retention_period = 0 713 allow_version_upgrade = false 714 iam_roles = ["${aws_iam_role.ec2-role.arn}"] 715 }`