github.com/ns1/terraform@v0.7.10-0.20161109153551-8949419bef40/builtin/providers/aws/resource_aws_redshift_cluster_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "math/rand" 6 "testing" 7 "time" 8 9 "github.com/aws/aws-sdk-go/aws" 10 "github.com/aws/aws-sdk-go/aws/awserr" 11 "github.com/aws/aws-sdk-go/service/redshift" 12 "github.com/hashicorp/terraform/helper/resource" 13 "github.com/hashicorp/terraform/terraform" 14 ) 15 16 func TestAccAWSRedshiftCluster_basic(t *testing.T) { 17 var v redshift.Cluster 18 19 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 20 config := fmt.Sprintf(testAccAWSRedshiftClusterConfig_basic, ri) 21 22 resource.Test(t, resource.TestCase{ 23 PreCheck: func() { testAccPreCheck(t) }, 24 Providers: testAccProviders, 25 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 26 Steps: []resource.TestStep{ 27 resource.TestStep{ 28 Config: config, 29 Check: resource.ComposeTestCheckFunc( 30 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 31 resource.TestCheckResourceAttr( 32 "aws_redshift_cluster.default", "cluster_type", "single-node"), 33 resource.TestCheckResourceAttr( 34 "aws_redshift_cluster.default", "publicly_accessible", "true"), 35 ), 36 }, 37 }, 38 }) 39 } 40 41 func TestAccAWSRedshiftCluster_enhancedVpcRoutingEnabled(t *testing.T) { 42 var v redshift.Cluster 43 44 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 45 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_enhancedVpcRoutingEnabled, ri) 46 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_enhancedVpcRoutingDisabled, ri) 47 48 resource.Test(t, resource.TestCase{ 49 PreCheck: func() { testAccPreCheck(t) }, 50 Providers: testAccProviders, 51 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 52 Steps: []resource.TestStep{ 53 resource.TestStep{ 54 Config: preConfig, 55 Check: resource.ComposeTestCheckFunc( 56 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 57 resource.TestCheckResourceAttr( 58 "aws_redshift_cluster.default", "enhanced_vpc_routing", "true"), 59 ), 60 }, 61 resource.TestStep{ 62 Config: postConfig, 63 Check: resource.ComposeTestCheckFunc( 64 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 65 resource.TestCheckResourceAttr( 66 "aws_redshift_cluster.default", "enhanced_vpc_routing", "false"), 67 ), 68 }, 69 }, 70 }) 71 } 72 73 func TestAccAWSRedshiftCluster_loggingEnabled(t *testing.T) { 74 var v redshift.Cluster 75 76 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 77 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_loggingEnabled, ri) 78 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_loggingDisabled, ri) 79 80 resource.Test(t, resource.TestCase{ 81 PreCheck: func() { testAccPreCheck(t) }, 82 Providers: testAccProviders, 83 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 84 Steps: []resource.TestStep{ 85 resource.TestStep{ 86 Config: preConfig, 87 Check: resource.ComposeTestCheckFunc( 88 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 89 resource.TestCheckResourceAttr( 90 "aws_redshift_cluster.default", "enable_logging", "true"), 91 resource.TestCheckResourceAttr( 92 "aws_redshift_cluster.default", "bucket_name", "tf-redshift-logging-test-bucket"), 93 ), 94 }, 95 96 resource.TestStep{ 97 Config: postConfig, 98 Check: resource.ComposeTestCheckFunc( 99 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 100 resource.TestCheckResourceAttr( 101 "aws_redshift_cluster.default", "enable_logging", "false"), 102 ), 103 }, 104 }, 105 }) 106 } 107 108 func TestAccAWSRedshiftCluster_iamRoles(t *testing.T) { 109 var v redshift.Cluster 110 111 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 112 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_iamRoles, ri, ri, ri) 113 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updateIamRoles, ri, ri, ri) 114 115 resource.Test(t, resource.TestCase{ 116 PreCheck: func() { testAccPreCheck(t) }, 117 Providers: testAccProviders, 118 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 119 Steps: []resource.TestStep{ 120 resource.TestStep{ 121 Config: preConfig, 122 Check: resource.ComposeTestCheckFunc( 123 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 124 resource.TestCheckResourceAttr( 125 "aws_redshift_cluster.default", "iam_roles.#", "2"), 126 ), 127 }, 128 129 resource.TestStep{ 130 Config: postConfig, 131 Check: resource.ComposeTestCheckFunc( 132 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 133 resource.TestCheckResourceAttr( 134 "aws_redshift_cluster.default", "iam_roles.#", "1"), 135 ), 136 }, 137 }, 138 }) 139 } 140 141 func TestAccAWSRedshiftCluster_publiclyAccessible(t *testing.T) { 142 var v redshift.Cluster 143 144 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 145 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_notPubliclyAccessible, ri) 146 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updatePubliclyAccessible, ri) 147 148 resource.Test(t, resource.TestCase{ 149 PreCheck: func() { testAccPreCheck(t) }, 150 Providers: testAccProviders, 151 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 152 Steps: []resource.TestStep{ 153 resource.TestStep{ 154 Config: preConfig, 155 Check: resource.ComposeTestCheckFunc( 156 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 157 resource.TestCheckResourceAttr( 158 "aws_redshift_cluster.default", "publicly_accessible", "false"), 159 ), 160 }, 161 162 resource.TestStep{ 163 Config: postConfig, 164 Check: resource.ComposeTestCheckFunc( 165 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 166 resource.TestCheckResourceAttr( 167 "aws_redshift_cluster.default", "publicly_accessible", "true"), 168 ), 169 }, 170 }, 171 }) 172 } 173 174 func TestAccAWSRedshiftCluster_updateNodeCount(t *testing.T) { 175 var v redshift.Cluster 176 177 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 178 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_basic, ri) 179 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updateNodeCount, ri) 180 181 resource.Test(t, resource.TestCase{ 182 PreCheck: func() { testAccPreCheck(t) }, 183 Providers: testAccProviders, 184 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 185 Steps: []resource.TestStep{ 186 resource.TestStep{ 187 Config: preConfig, 188 Check: resource.ComposeTestCheckFunc( 189 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 190 resource.TestCheckResourceAttr( 191 "aws_redshift_cluster.default", "number_of_nodes", "1"), 192 ), 193 }, 194 195 resource.TestStep{ 196 Config: postConfig, 197 Check: resource.ComposeTestCheckFunc( 198 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 199 resource.TestCheckResourceAttr( 200 "aws_redshift_cluster.default", "number_of_nodes", "2"), 201 ), 202 }, 203 }, 204 }) 205 } 206 207 func TestAccAWSRedshiftCluster_tags(t *testing.T) { 208 var v redshift.Cluster 209 210 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 211 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_tags, ri) 212 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updatedTags, ri) 213 214 resource.Test(t, resource.TestCase{ 215 PreCheck: func() { testAccPreCheck(t) }, 216 Providers: testAccProviders, 217 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 218 Steps: []resource.TestStep{ 219 resource.TestStep{ 220 Config: preConfig, 221 Check: resource.ComposeTestCheckFunc( 222 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 223 resource.TestCheckResourceAttr( 224 "aws_redshift_cluster.default", "tags.%", "3"), 225 resource.TestCheckResourceAttr("aws_redshift_cluster.default", "tags.environment", "Production"), 226 ), 227 }, 228 229 resource.TestStep{ 230 Config: postConfig, 231 Check: resource.ComposeTestCheckFunc( 232 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 233 resource.TestCheckResourceAttr( 234 "aws_redshift_cluster.default", "tags.%", "1"), 235 resource.TestCheckResourceAttr("aws_redshift_cluster.default", "tags.environment", "Production"), 236 ), 237 }, 238 }, 239 }) 240 } 241 242 func testAccCheckAWSRedshiftClusterDestroy(s *terraform.State) error { 243 for _, rs := range s.RootModule().Resources { 244 if rs.Type != "aws_redshift_cluster" { 245 continue 246 } 247 248 // Try to find the Group 249 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 250 var err error 251 resp, err := conn.DescribeClusters( 252 &redshift.DescribeClustersInput{ 253 ClusterIdentifier: aws.String(rs.Primary.ID), 254 }) 255 256 if err == nil { 257 if len(resp.Clusters) != 0 && 258 *resp.Clusters[0].ClusterIdentifier == rs.Primary.ID { 259 return fmt.Errorf("Redshift Cluster %s still exists", rs.Primary.ID) 260 } 261 } 262 263 // Return nil if the cluster is already destroyed 264 if awsErr, ok := err.(awserr.Error); ok { 265 if awsErr.Code() == "ClusterNotFound" { 266 return nil 267 } 268 } 269 270 return err 271 } 272 273 return nil 274 } 275 276 func testAccCheckAWSRedshiftClusterExists(n string, v *redshift.Cluster) resource.TestCheckFunc { 277 return func(s *terraform.State) error { 278 rs, ok := s.RootModule().Resources[n] 279 if !ok { 280 return fmt.Errorf("Not found: %s", n) 281 } 282 283 if rs.Primary.ID == "" { 284 return fmt.Errorf("No Redshift Cluster Instance ID is set") 285 } 286 287 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 288 resp, err := conn.DescribeClusters(&redshift.DescribeClustersInput{ 289 ClusterIdentifier: aws.String(rs.Primary.ID), 290 }) 291 292 if err != nil { 293 return err 294 } 295 296 for _, c := range resp.Clusters { 297 if *c.ClusterIdentifier == rs.Primary.ID { 298 *v = *c 299 return nil 300 } 301 } 302 303 return fmt.Errorf("Redshift Cluster (%s) not found", rs.Primary.ID) 304 } 305 } 306 307 func TestResourceAWSRedshiftClusterIdentifierValidation(t *testing.T) { 308 cases := []struct { 309 Value string 310 ErrCount int 311 }{ 312 { 313 Value: "tEsting", 314 ErrCount: 1, 315 }, 316 { 317 Value: "1testing", 318 ErrCount: 1, 319 }, 320 { 321 Value: "testing--123", 322 ErrCount: 1, 323 }, 324 { 325 Value: "testing!", 326 ErrCount: 1, 327 }, 328 { 329 Value: "testing-", 330 ErrCount: 1, 331 }, 332 } 333 334 for _, tc := range cases { 335 _, errors := validateRedshiftClusterIdentifier(tc.Value, "aws_redshift_cluster_identifier") 336 337 if len(errors) != tc.ErrCount { 338 t.Fatalf("Expected the Redshift Cluster cluster_identifier to trigger a validation error") 339 } 340 } 341 } 342 343 func TestResourceAWSRedshiftClusterDbNameValidation(t *testing.T) { 344 cases := []struct { 345 Value string 346 ErrCount int 347 }{ 348 { 349 Value: "tEsting", 350 ErrCount: 1, 351 }, 352 { 353 Value: "testing1", 354 ErrCount: 0, 355 }, 356 { 357 Value: "testing-", 358 ErrCount: 1, 359 }, 360 { 361 Value: "", 362 ErrCount: 2, 363 }, 364 { 365 Value: randomString(65), 366 ErrCount: 1, 367 }, 368 } 369 370 for _, tc := range cases { 371 _, errors := validateRedshiftClusterDbName(tc.Value, "aws_redshift_cluster_database_name") 372 373 if len(errors) != tc.ErrCount { 374 t.Fatalf("Expected the Redshift Cluster database_name to trigger a validation error") 375 } 376 } 377 } 378 379 func TestResourceAWSRedshiftClusterFinalSnapshotIdentifierValidation(t *testing.T) { 380 cases := []struct { 381 Value string 382 ErrCount int 383 }{ 384 { 385 Value: "testing--123", 386 ErrCount: 1, 387 }, 388 { 389 Value: "testing-", 390 ErrCount: 1, 391 }, 392 { 393 Value: "Testingq123!", 394 ErrCount: 1, 395 }, 396 { 397 Value: randomString(256), 398 ErrCount: 1, 399 }, 400 } 401 402 for _, tc := range cases { 403 _, errors := validateRedshiftClusterFinalSnapshotIdentifier(tc.Value, "aws_redshift_cluster_final_snapshot_identifier") 404 405 if len(errors) != tc.ErrCount { 406 t.Fatalf("Expected the Redshift Cluster final_snapshot_identifier to trigger a validation error") 407 } 408 } 409 } 410 411 func TestResourceAWSRedshiftClusterMasterUsernameValidation(t *testing.T) { 412 cases := []struct { 413 Value string 414 ErrCount int 415 }{ 416 { 417 Value: "1Testing", 418 ErrCount: 1, 419 }, 420 { 421 Value: "Testing!!", 422 ErrCount: 1, 423 }, 424 { 425 Value: randomString(129), 426 ErrCount: 1, 427 }, 428 { 429 Value: "testing_testing123", 430 ErrCount: 0, 431 }, 432 } 433 434 for _, tc := range cases { 435 _, errors := validateRedshiftClusterMasterUsername(tc.Value, "aws_redshift_cluster_master_username") 436 437 if len(errors) != tc.ErrCount { 438 t.Fatalf("Expected the Redshift Cluster master_username to trigger a validation error") 439 } 440 } 441 } 442 443 func TestResourceAWSRedshiftClusterMasterPasswordValidation(t *testing.T) { 444 cases := []struct { 445 Value string 446 ErrCount int 447 }{ 448 { 449 Value: "1TESTING", 450 ErrCount: 1, 451 }, 452 { 453 Value: "1testing", 454 ErrCount: 1, 455 }, 456 { 457 Value: "TestTest", 458 ErrCount: 1, 459 }, 460 { 461 Value: "T3st", 462 ErrCount: 1, 463 }, 464 { 465 Value: "1Testing", 466 ErrCount: 0, 467 }, 468 } 469 470 for _, tc := range cases { 471 _, errors := validateRedshiftClusterMasterPassword(tc.Value, "aws_redshift_cluster_master_password") 472 473 if len(errors) != tc.ErrCount { 474 t.Fatalf("Expected the Redshift Cluster master_password to trigger a validation error") 475 } 476 } 477 } 478 479 var testAccAWSRedshiftClusterConfig_updateNodeCount = ` 480 resource "aws_redshift_cluster" "default" { 481 cluster_identifier = "tf-redshift-cluster-%d" 482 availability_zone = "us-west-2a" 483 database_name = "mydb" 484 master_username = "foo_test" 485 master_password = "Mustbe8characters" 486 node_type = "dc1.large" 487 automated_snapshot_retention_period = 0 488 allow_version_upgrade = false 489 number_of_nodes = 2 490 } 491 ` 492 493 var testAccAWSRedshiftClusterConfig_basic = ` 494 resource "aws_redshift_cluster" "default" { 495 cluster_identifier = "tf-redshift-cluster-%d" 496 availability_zone = "us-west-2a" 497 database_name = "mydb" 498 master_username = "foo_test" 499 master_password = "Mustbe8characters" 500 node_type = "dc1.large" 501 automated_snapshot_retention_period = 0 502 allow_version_upgrade = false 503 }` 504 505 var testAccAWSRedshiftClusterConfig_enhancedVpcRoutingEnabled = ` 506 resource "aws_redshift_cluster" "default" { 507 cluster_identifier = "tf-redshift-cluster-%d" 508 availability_zone = "us-west-2a" 509 database_name = "mydb" 510 master_username = "foo_test" 511 master_password = "Mustbe8characters" 512 node_type = "dc1.large" 513 automated_snapshot_retention_period = 0 514 allow_version_upgrade = false 515 enhanced_vpc_routing = true 516 } 517 ` 518 519 var testAccAWSRedshiftClusterConfig_enhancedVpcRoutingDisabled = ` 520 resource "aws_redshift_cluster" "default" { 521 cluster_identifier = "tf-redshift-cluster-%d" 522 availability_zone = "us-west-2a" 523 database_name = "mydb" 524 master_username = "foo_test" 525 master_password = "Mustbe8characters" 526 node_type = "dc1.large" 527 automated_snapshot_retention_period = 0 528 allow_version_upgrade = false 529 enhanced_vpc_routing = false 530 } 531 ` 532 533 var testAccAWSRedshiftClusterConfig_loggingDisabled = ` 534 resource "aws_redshift_cluster" "default" { 535 cluster_identifier = "tf-redshift-cluster-%d" 536 availability_zone = "us-west-2a" 537 database_name = "mydb" 538 master_username = "foo_test" 539 master_password = "Mustbe8characters" 540 node_type = "dc1.large" 541 automated_snapshot_retention_period = 0 542 allow_version_upgrade = false 543 enable_logging = false 544 } 545 ` 546 547 var testAccAWSRedshiftClusterConfig_loggingEnabled = ` 548 resource "aws_s3_bucket" "bucket" { 549 bucket = "tf-redshift-logging-test-bucket" 550 force_destroy = true 551 policy = <<EOF 552 { 553 "Version": "2008-10-17", 554 "Statement": [ 555 { 556 "Sid": "Stmt1376526643067", 557 "Effect": "Allow", 558 "Principal": { 559 "AWS": "arn:aws:iam::902366379725:user/logs" 560 }, 561 "Action": "s3:PutObject", 562 "Resource": "arn:aws:s3:::tf-redshift-logging-test-bucket/*" 563 }, 564 { 565 "Sid": "Stmt137652664067", 566 "Effect": "Allow", 567 "Principal": { 568 "AWS": "arn:aws:iam::902366379725:user/logs" 569 }, 570 "Action": "s3:GetBucketAcl", 571 "Resource": "arn:aws:s3:::tf-redshift-logging-test-bucket" 572 } 573 ] 574 } 575 EOF 576 } 577 578 resource "aws_redshift_cluster" "default" { 579 cluster_identifier = "tf-redshift-cluster-%d" 580 availability_zone = "us-west-2a" 581 database_name = "mydb" 582 master_username = "foo_test" 583 master_password = "Mustbe8characters" 584 node_type = "dc1.large" 585 automated_snapshot_retention_period = 0 586 allow_version_upgrade = false 587 enable_logging = true 588 bucket_name = "${aws_s3_bucket.bucket.bucket}" 589 }` 590 591 var testAccAWSRedshiftClusterConfig_tags = ` 592 resource "aws_redshift_cluster" "default" { 593 cluster_identifier = "tf-redshift-cluster-%d" 594 availability_zone = "us-west-2a" 595 database_name = "mydb" 596 master_username = "foo" 597 master_password = "Mustbe8characters" 598 node_type = "dc1.large" 599 automated_snapshot_retention_period = 7 600 allow_version_upgrade = false 601 tags { 602 environment = "Production" 603 cluster = "reader" 604 Type = "master" 605 } 606 }` 607 608 var testAccAWSRedshiftClusterConfig_updatedTags = ` 609 resource "aws_redshift_cluster" "default" { 610 cluster_identifier = "tf-redshift-cluster-%d" 611 availability_zone = "us-west-2a" 612 database_name = "mydb" 613 master_username = "foo" 614 master_password = "Mustbe8characters" 615 node_type = "dc1.large" 616 automated_snapshot_retention_period = 7 617 allow_version_upgrade = false 618 tags { 619 environment = "Production" 620 } 621 }` 622 623 var testAccAWSRedshiftClusterConfig_notPubliclyAccessible = ` 624 resource "aws_vpc" "foo" { 625 cidr_block = "10.1.0.0/16" 626 } 627 resource "aws_internet_gateway" "foo" { 628 vpc_id = "${aws_vpc.foo.id}" 629 tags { 630 foo = "bar" 631 } 632 } 633 resource "aws_subnet" "foo" { 634 cidr_block = "10.1.1.0/24" 635 availability_zone = "us-west-2a" 636 vpc_id = "${aws_vpc.foo.id}" 637 tags { 638 Name = "tf-dbsubnet-test-1" 639 } 640 } 641 resource "aws_subnet" "bar" { 642 cidr_block = "10.1.2.0/24" 643 availability_zone = "us-west-2b" 644 vpc_id = "${aws_vpc.foo.id}" 645 tags { 646 Name = "tf-dbsubnet-test-2" 647 } 648 } 649 resource "aws_subnet" "foobar" { 650 cidr_block = "10.1.3.0/24" 651 availability_zone = "us-west-2c" 652 vpc_id = "${aws_vpc.foo.id}" 653 tags { 654 Name = "tf-dbsubnet-test-3" 655 } 656 } 657 resource "aws_redshift_subnet_group" "foo" { 658 name = "foo" 659 description = "foo description" 660 subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}", "${aws_subnet.foobar.id}"] 661 } 662 resource "aws_redshift_cluster" "default" { 663 cluster_identifier = "tf-redshift-cluster-%d" 664 availability_zone = "us-west-2a" 665 database_name = "mydb" 666 master_username = "foo" 667 master_password = "Mustbe8characters" 668 node_type = "dc1.large" 669 automated_snapshot_retention_period = 0 670 allow_version_upgrade = false 671 cluster_subnet_group_name = "${aws_redshift_subnet_group.foo.name}" 672 publicly_accessible = false 673 }` 674 675 var testAccAWSRedshiftClusterConfig_updatePubliclyAccessible = ` 676 resource "aws_vpc" "foo" { 677 cidr_block = "10.1.0.0/16" 678 } 679 resource "aws_internet_gateway" "foo" { 680 vpc_id = "${aws_vpc.foo.id}" 681 tags { 682 foo = "bar" 683 } 684 } 685 resource "aws_subnet" "foo" { 686 cidr_block = "10.1.1.0/24" 687 availability_zone = "us-west-2a" 688 vpc_id = "${aws_vpc.foo.id}" 689 tags { 690 Name = "tf-dbsubnet-test-1" 691 } 692 } 693 resource "aws_subnet" "bar" { 694 cidr_block = "10.1.2.0/24" 695 availability_zone = "us-west-2b" 696 vpc_id = "${aws_vpc.foo.id}" 697 tags { 698 Name = "tf-dbsubnet-test-2" 699 } 700 } 701 resource "aws_subnet" "foobar" { 702 cidr_block = "10.1.3.0/24" 703 availability_zone = "us-west-2c" 704 vpc_id = "${aws_vpc.foo.id}" 705 tags { 706 Name = "tf-dbsubnet-test-3" 707 } 708 } 709 resource "aws_redshift_subnet_group" "foo" { 710 name = "foo" 711 description = "foo description" 712 subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}", "${aws_subnet.foobar.id}"] 713 } 714 resource "aws_redshift_cluster" "default" { 715 cluster_identifier = "tf-redshift-cluster-%d" 716 availability_zone = "us-west-2a" 717 database_name = "mydb" 718 master_username = "foo" 719 master_password = "Mustbe8characters" 720 node_type = "dc1.large" 721 automated_snapshot_retention_period = 0 722 allow_version_upgrade = false 723 cluster_subnet_group_name = "${aws_redshift_subnet_group.foo.name}" 724 publicly_accessible = true 725 }` 726 727 var testAccAWSRedshiftClusterConfig_iamRoles = ` 728 resource "aws_iam_role" "ec2-role" { 729 name = "test-role-ec2-%d" 730 path = "/" 731 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 732 } 733 734 resource "aws_iam_role" "lambda-role" { 735 name = "test-role-lambda-%d" 736 path = "/" 737 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"lambda.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 738 } 739 740 resource "aws_redshift_cluster" "default" { 741 cluster_identifier = "tf-redshift-cluster-%d" 742 availability_zone = "us-west-2a" 743 database_name = "mydb" 744 master_username = "foo_test" 745 master_password = "Mustbe8characters" 746 node_type = "dc1.large" 747 automated_snapshot_retention_period = 0 748 allow_version_upgrade = false 749 iam_roles = ["${aws_iam_role.ec2-role.arn}", "${aws_iam_role.lambda-role.arn}"] 750 }` 751 752 var testAccAWSRedshiftClusterConfig_updateIamRoles = ` 753 resource "aws_iam_role" "ec2-role" { 754 name = "test-role-ec2-%d" 755 path = "/" 756 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 757 } 758 759 resource "aws_iam_role" "lambda-role" { 760 name = "test-role-lambda-%d" 761 path = "/" 762 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"lambda.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 763 } 764 765 resource "aws_redshift_cluster" "default" { 766 cluster_identifier = "tf-redshift-cluster-%d" 767 availability_zone = "us-west-2a" 768 database_name = "mydb" 769 master_username = "foo_test" 770 master_password = "Mustbe8characters" 771 node_type = "dc1.large" 772 automated_snapshot_retention_period = 0 773 allow_version_upgrade = false 774 iam_roles = ["${aws_iam_role.ec2-role.arn}"] 775 }`