github.com/recobe182/terraform@v0.8.5-0.20170117231232-49ab22a935b7/builtin/providers/aws/resource_aws_redshift_cluster_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "math/rand" 6 "testing" 7 "time" 8 9 "github.com/aws/aws-sdk-go/aws" 10 "github.com/aws/aws-sdk-go/aws/awserr" 11 "github.com/aws/aws-sdk-go/service/redshift" 12 "github.com/hashicorp/terraform/helper/resource" 13 "github.com/hashicorp/terraform/terraform" 14 "regexp" 15 ) 16 17 func TestValidateRedshiftClusterDbName(t *testing.T) { 18 validNames := []string{ 19 "testdbname", 20 "test_dbname", 21 "testdbname123", 22 "TestDBname", 23 "testdbname$hashicorp", 24 "_dbname", 25 } 26 for _, v := range validNames { 27 _, errors := validateRedshiftClusterDbName(v, "name") 28 if len(errors) != 0 { 29 t.Fatalf("%q should be a valid Redshift DBName: %q", v, errors) 30 } 31 } 32 33 invalidNames := []string{ 34 "!", 35 "/", 36 " ", 37 ":", 38 ";", 39 "test name", 40 "/slash-at-the-beginning", 41 "slash-at-the-end/", 42 "", 43 randomString(100), 44 } 45 for _, v := range invalidNames { 46 _, errors := validateRedshiftClusterDbName(v, "name") 47 if len(errors) == 0 { 48 t.Fatalf("%q should be an invalid Redshift DBName", v) 49 } 50 } 51 } 52 53 func TestAccAWSRedshiftCluster_basic(t *testing.T) { 54 var v redshift.Cluster 55 56 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 57 config := fmt.Sprintf(testAccAWSRedshiftClusterConfig_basic, ri) 58 59 resource.Test(t, resource.TestCase{ 60 PreCheck: func() { testAccPreCheck(t) }, 61 Providers: testAccProviders, 62 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 63 Steps: []resource.TestStep{ 64 { 65 Config: config, 66 Check: resource.ComposeTestCheckFunc( 67 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 68 resource.TestCheckResourceAttr( 69 "aws_redshift_cluster.default", "cluster_type", "single-node"), 70 resource.TestCheckResourceAttr( 71 "aws_redshift_cluster.default", "publicly_accessible", "true"), 72 ), 73 }, 74 }, 75 }) 76 } 77 78 func TestAccAWSRedshiftCluster_kmsKey(t *testing.T) { 79 var v redshift.Cluster 80 81 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 82 config := fmt.Sprintf(testAccAWSRedshiftClusterConfig_kmsKey, ri, ri) 83 keyRegex := regexp.MustCompile("^arn:aws:([a-zA-Z0-9\\-])+:([a-z]{2}-[a-z]+-\\d{1})?:(\\d{12})?:(.*)$") 84 85 resource.Test(t, resource.TestCase{ 86 PreCheck: func() { testAccPreCheck(t) }, 87 Providers: testAccProviders, 88 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 89 Steps: []resource.TestStep{ 90 { 91 Config: config, 92 Check: resource.ComposeTestCheckFunc( 93 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 94 resource.TestCheckResourceAttr( 95 "aws_redshift_cluster.default", "cluster_type", "single-node"), 96 resource.TestCheckResourceAttr( 97 "aws_redshift_cluster.default", "publicly_accessible", "true"), 98 resource.TestMatchResourceAttr("aws_redshift_cluster.default", "kms_key_id", keyRegex), 99 ), 100 }, 101 }, 102 }) 103 } 104 105 func TestAccAWSRedshiftCluster_enhancedVpcRoutingEnabled(t *testing.T) { 106 var v redshift.Cluster 107 108 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 109 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_enhancedVpcRoutingEnabled, ri) 110 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_enhancedVpcRoutingDisabled, ri) 111 112 resource.Test(t, resource.TestCase{ 113 PreCheck: func() { testAccPreCheck(t) }, 114 Providers: testAccProviders, 115 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 116 Steps: []resource.TestStep{ 117 { 118 Config: preConfig, 119 Check: resource.ComposeTestCheckFunc( 120 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 121 resource.TestCheckResourceAttr( 122 "aws_redshift_cluster.default", "enhanced_vpc_routing", "true"), 123 ), 124 }, 125 { 126 Config: postConfig, 127 Check: resource.ComposeTestCheckFunc( 128 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 129 resource.TestCheckResourceAttr( 130 "aws_redshift_cluster.default", "enhanced_vpc_routing", "false"), 131 ), 132 }, 133 }, 134 }) 135 } 136 137 func TestAccAWSRedshiftCluster_loggingEnabled(t *testing.T) { 138 var v redshift.Cluster 139 140 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 141 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_loggingEnabled, ri) 142 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_loggingDisabled, ri) 143 144 resource.Test(t, resource.TestCase{ 145 PreCheck: func() { testAccPreCheck(t) }, 146 Providers: testAccProviders, 147 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 148 Steps: []resource.TestStep{ 149 { 150 Config: preConfig, 151 Check: resource.ComposeTestCheckFunc( 152 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 153 resource.TestCheckResourceAttr( 154 "aws_redshift_cluster.default", "enable_logging", "true"), 155 resource.TestCheckResourceAttr( 156 "aws_redshift_cluster.default", "bucket_name", "tf-redshift-logging-test-bucket"), 157 ), 158 }, 159 160 { 161 Config: postConfig, 162 Check: resource.ComposeTestCheckFunc( 163 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 164 resource.TestCheckResourceAttr( 165 "aws_redshift_cluster.default", "enable_logging", "false"), 166 ), 167 }, 168 }, 169 }) 170 } 171 172 func TestAccAWSRedshiftCluster_iamRoles(t *testing.T) { 173 var v redshift.Cluster 174 175 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 176 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_iamRoles, ri, ri, ri) 177 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updateIamRoles, ri, ri, ri) 178 179 resource.Test(t, resource.TestCase{ 180 PreCheck: func() { testAccPreCheck(t) }, 181 Providers: testAccProviders, 182 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 183 Steps: []resource.TestStep{ 184 { 185 Config: preConfig, 186 Check: resource.ComposeTestCheckFunc( 187 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 188 resource.TestCheckResourceAttr( 189 "aws_redshift_cluster.default", "iam_roles.#", "2"), 190 ), 191 }, 192 193 { 194 Config: postConfig, 195 Check: resource.ComposeTestCheckFunc( 196 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 197 resource.TestCheckResourceAttr( 198 "aws_redshift_cluster.default", "iam_roles.#", "1"), 199 ), 200 }, 201 }, 202 }) 203 } 204 205 func TestAccAWSRedshiftCluster_publiclyAccessible(t *testing.T) { 206 var v redshift.Cluster 207 208 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 209 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_notPubliclyAccessible, ri) 210 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updatePubliclyAccessible, ri) 211 212 resource.Test(t, resource.TestCase{ 213 PreCheck: func() { testAccPreCheck(t) }, 214 Providers: testAccProviders, 215 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 216 Steps: []resource.TestStep{ 217 { 218 Config: preConfig, 219 Check: resource.ComposeTestCheckFunc( 220 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 221 resource.TestCheckResourceAttr( 222 "aws_redshift_cluster.default", "publicly_accessible", "false"), 223 ), 224 }, 225 226 { 227 Config: postConfig, 228 Check: resource.ComposeTestCheckFunc( 229 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 230 resource.TestCheckResourceAttr( 231 "aws_redshift_cluster.default", "publicly_accessible", "true"), 232 ), 233 }, 234 }, 235 }) 236 } 237 238 func TestAccAWSRedshiftCluster_updateNodeCount(t *testing.T) { 239 var v redshift.Cluster 240 241 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 242 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_basic, ri) 243 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updateNodeCount, ri) 244 245 resource.Test(t, resource.TestCase{ 246 PreCheck: func() { testAccPreCheck(t) }, 247 Providers: testAccProviders, 248 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 249 Steps: []resource.TestStep{ 250 { 251 Config: preConfig, 252 Check: resource.ComposeTestCheckFunc( 253 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 254 resource.TestCheckResourceAttr( 255 "aws_redshift_cluster.default", "number_of_nodes", "1"), 256 ), 257 }, 258 259 { 260 Config: postConfig, 261 Check: resource.ComposeTestCheckFunc( 262 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 263 resource.TestCheckResourceAttr( 264 "aws_redshift_cluster.default", "number_of_nodes", "2"), 265 ), 266 }, 267 }, 268 }) 269 } 270 271 func TestAccAWSRedshiftCluster_tags(t *testing.T) { 272 var v redshift.Cluster 273 274 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 275 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_tags, ri) 276 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updatedTags, ri) 277 278 resource.Test(t, resource.TestCase{ 279 PreCheck: func() { testAccPreCheck(t) }, 280 Providers: testAccProviders, 281 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 282 Steps: []resource.TestStep{ 283 { 284 Config: preConfig, 285 Check: resource.ComposeTestCheckFunc( 286 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 287 resource.TestCheckResourceAttr( 288 "aws_redshift_cluster.default", "tags.%", "3"), 289 resource.TestCheckResourceAttr("aws_redshift_cluster.default", "tags.environment", "Production"), 290 ), 291 }, 292 293 { 294 Config: postConfig, 295 Check: resource.ComposeTestCheckFunc( 296 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 297 resource.TestCheckResourceAttr( 298 "aws_redshift_cluster.default", "tags.%", "1"), 299 resource.TestCheckResourceAttr("aws_redshift_cluster.default", "tags.environment", "Production"), 300 ), 301 }, 302 }, 303 }) 304 } 305 306 func testAccCheckAWSRedshiftClusterDestroy(s *terraform.State) error { 307 for _, rs := range s.RootModule().Resources { 308 if rs.Type != "aws_redshift_cluster" { 309 continue 310 } 311 312 // Try to find the Group 313 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 314 var err error 315 resp, err := conn.DescribeClusters( 316 &redshift.DescribeClustersInput{ 317 ClusterIdentifier: aws.String(rs.Primary.ID), 318 }) 319 320 if err == nil { 321 if len(resp.Clusters) != 0 && 322 *resp.Clusters[0].ClusterIdentifier == rs.Primary.ID { 323 return fmt.Errorf("Redshift Cluster %s still exists", rs.Primary.ID) 324 } 325 } 326 327 // Return nil if the cluster is already destroyed 328 if awsErr, ok := err.(awserr.Error); ok { 329 if awsErr.Code() == "ClusterNotFound" { 330 return nil 331 } 332 } 333 334 return err 335 } 336 337 return nil 338 } 339 340 func testAccCheckAWSRedshiftClusterExists(n string, v *redshift.Cluster) resource.TestCheckFunc { 341 return func(s *terraform.State) error { 342 rs, ok := s.RootModule().Resources[n] 343 if !ok { 344 return fmt.Errorf("Not found: %s", n) 345 } 346 347 if rs.Primary.ID == "" { 348 return fmt.Errorf("No Redshift Cluster Instance ID is set") 349 } 350 351 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 352 resp, err := conn.DescribeClusters(&redshift.DescribeClustersInput{ 353 ClusterIdentifier: aws.String(rs.Primary.ID), 354 }) 355 356 if err != nil { 357 return err 358 } 359 360 for _, c := range resp.Clusters { 361 if *c.ClusterIdentifier == rs.Primary.ID { 362 *v = *c 363 return nil 364 } 365 } 366 367 return fmt.Errorf("Redshift Cluster (%s) not found", rs.Primary.ID) 368 } 369 } 370 371 func TestResourceAWSRedshiftClusterIdentifierValidation(t *testing.T) { 372 cases := []struct { 373 Value string 374 ErrCount int 375 }{ 376 { 377 Value: "tEsting", 378 ErrCount: 1, 379 }, 380 { 381 Value: "1testing", 382 ErrCount: 1, 383 }, 384 { 385 Value: "testing--123", 386 ErrCount: 1, 387 }, 388 { 389 Value: "testing!", 390 ErrCount: 1, 391 }, 392 { 393 Value: "testing-", 394 ErrCount: 1, 395 }, 396 } 397 398 for _, tc := range cases { 399 _, errors := validateRedshiftClusterIdentifier(tc.Value, "aws_redshift_cluster_identifier") 400 401 if len(errors) != tc.ErrCount { 402 t.Fatalf("Expected the Redshift Cluster cluster_identifier to trigger a validation error") 403 } 404 } 405 } 406 407 func TestResourceAWSRedshiftClusterFinalSnapshotIdentifierValidation(t *testing.T) { 408 cases := []struct { 409 Value string 410 ErrCount int 411 }{ 412 { 413 Value: "testing--123", 414 ErrCount: 1, 415 }, 416 { 417 Value: "testing-", 418 ErrCount: 1, 419 }, 420 { 421 Value: "Testingq123!", 422 ErrCount: 1, 423 }, 424 { 425 Value: randomString(256), 426 ErrCount: 1, 427 }, 428 } 429 430 for _, tc := range cases { 431 _, errors := validateRedshiftClusterFinalSnapshotIdentifier(tc.Value, "aws_redshift_cluster_final_snapshot_identifier") 432 433 if len(errors) != tc.ErrCount { 434 t.Fatalf("Expected the Redshift Cluster final_snapshot_identifier to trigger a validation error") 435 } 436 } 437 } 438 439 func TestResourceAWSRedshiftClusterMasterUsernameValidation(t *testing.T) { 440 cases := []struct { 441 Value string 442 ErrCount int 443 }{ 444 { 445 Value: "1Testing", 446 ErrCount: 1, 447 }, 448 { 449 Value: "Testing!!", 450 ErrCount: 1, 451 }, 452 { 453 Value: randomString(129), 454 ErrCount: 1, 455 }, 456 { 457 Value: "testing_testing123", 458 ErrCount: 0, 459 }, 460 } 461 462 for _, tc := range cases { 463 _, errors := validateRedshiftClusterMasterUsername(tc.Value, "aws_redshift_cluster_master_username") 464 465 if len(errors) != tc.ErrCount { 466 t.Fatalf("Expected the Redshift Cluster master_username to trigger a validation error") 467 } 468 } 469 } 470 471 func TestResourceAWSRedshiftClusterMasterPasswordValidation(t *testing.T) { 472 cases := []struct { 473 Value string 474 ErrCount int 475 }{ 476 { 477 Value: "1TESTING", 478 ErrCount: 1, 479 }, 480 { 481 Value: "1testing", 482 ErrCount: 1, 483 }, 484 { 485 Value: "TestTest", 486 ErrCount: 1, 487 }, 488 { 489 Value: "T3st", 490 ErrCount: 1, 491 }, 492 { 493 Value: "1Testing", 494 ErrCount: 0, 495 }, 496 } 497 498 for _, tc := range cases { 499 _, errors := validateRedshiftClusterMasterPassword(tc.Value, "aws_redshift_cluster_master_password") 500 501 if len(errors) != tc.ErrCount { 502 t.Fatalf("Expected the Redshift Cluster master_password to trigger a validation error") 503 } 504 } 505 } 506 507 var testAccAWSRedshiftClusterConfig_updateNodeCount = ` 508 resource "aws_redshift_cluster" "default" { 509 cluster_identifier = "tf-redshift-cluster-%d" 510 availability_zone = "us-west-2a" 511 database_name = "mydb" 512 master_username = "foo_test" 513 master_password = "Mustbe8characters" 514 node_type = "dc1.large" 515 automated_snapshot_retention_period = 0 516 allow_version_upgrade = false 517 number_of_nodes = 2 518 } 519 ` 520 521 var testAccAWSRedshiftClusterConfig_basic = ` 522 resource "aws_redshift_cluster" "default" { 523 cluster_identifier = "tf-redshift-cluster-%d" 524 availability_zone = "us-west-2a" 525 database_name = "mydb" 526 master_username = "foo_test" 527 master_password = "Mustbe8characters" 528 node_type = "dc1.large" 529 automated_snapshot_retention_period = 0 530 allow_version_upgrade = false 531 }` 532 533 var testAccAWSRedshiftClusterConfig_kmsKey = ` 534 resource "aws_kms_key" "foo" { 535 description = "Terraform acc test %d" 536 policy = <<POLICY 537 { 538 "Version": "2012-10-17", 539 "Id": "kms-tf-1", 540 "Statement": [ 541 { 542 "Sid": "Enable IAM User Permissions", 543 "Effect": "Allow", 544 "Principal": { 545 "AWS": "*" 546 }, 547 "Action": "kms:*", 548 "Resource": "*" 549 } 550 ] 551 } 552 POLICY 553 } 554 555 resource "aws_redshift_cluster" "default" { 556 cluster_identifier = "tf-redshift-cluster-%d" 557 availability_zone = "us-west-2a" 558 database_name = "mydb" 559 master_username = "foo_test" 560 master_password = "Mustbe8characters" 561 node_type = "dc1.large" 562 automated_snapshot_retention_period = 0 563 allow_version_upgrade = false 564 kms_key_id = "${aws_kms_key.foo.arn}" 565 encrypted = true 566 }` 567 568 var testAccAWSRedshiftClusterConfig_enhancedVpcRoutingEnabled = ` 569 resource "aws_redshift_cluster" "default" { 570 cluster_identifier = "tf-redshift-cluster-%d" 571 availability_zone = "us-west-2a" 572 database_name = "mydb" 573 master_username = "foo_test" 574 master_password = "Mustbe8characters" 575 node_type = "dc1.large" 576 automated_snapshot_retention_period = 0 577 allow_version_upgrade = false 578 enhanced_vpc_routing = true 579 } 580 ` 581 582 var testAccAWSRedshiftClusterConfig_enhancedVpcRoutingDisabled = ` 583 resource "aws_redshift_cluster" "default" { 584 cluster_identifier = "tf-redshift-cluster-%d" 585 availability_zone = "us-west-2a" 586 database_name = "mydb" 587 master_username = "foo_test" 588 master_password = "Mustbe8characters" 589 node_type = "dc1.large" 590 automated_snapshot_retention_period = 0 591 allow_version_upgrade = false 592 enhanced_vpc_routing = false 593 } 594 ` 595 596 var testAccAWSRedshiftClusterConfig_loggingDisabled = ` 597 resource "aws_redshift_cluster" "default" { 598 cluster_identifier = "tf-redshift-cluster-%d" 599 availability_zone = "us-west-2a" 600 database_name = "mydb" 601 master_username = "foo_test" 602 master_password = "Mustbe8characters" 603 node_type = "dc1.large" 604 automated_snapshot_retention_period = 0 605 allow_version_upgrade = false 606 enable_logging = false 607 } 608 ` 609 610 var testAccAWSRedshiftClusterConfig_loggingEnabled = ` 611 resource "aws_s3_bucket" "bucket" { 612 bucket = "tf-redshift-logging-test-bucket" 613 force_destroy = true 614 policy = <<EOF 615 { 616 "Version": "2008-10-17", 617 "Statement": [ 618 { 619 "Sid": "Stmt1376526643067", 620 "Effect": "Allow", 621 "Principal": { 622 "AWS": "arn:aws:iam::902366379725:user/logs" 623 }, 624 "Action": "s3:PutObject", 625 "Resource": "arn:aws:s3:::tf-redshift-logging-test-bucket/*" 626 }, 627 { 628 "Sid": "Stmt137652664067", 629 "Effect": "Allow", 630 "Principal": { 631 "AWS": "arn:aws:iam::902366379725:user/logs" 632 }, 633 "Action": "s3:GetBucketAcl", 634 "Resource": "arn:aws:s3:::tf-redshift-logging-test-bucket" 635 } 636 ] 637 } 638 EOF 639 } 640 641 resource "aws_redshift_cluster" "default" { 642 cluster_identifier = "tf-redshift-cluster-%d" 643 availability_zone = "us-west-2a" 644 database_name = "mydb" 645 master_username = "foo_test" 646 master_password = "Mustbe8characters" 647 node_type = "dc1.large" 648 automated_snapshot_retention_period = 0 649 allow_version_upgrade = false 650 enable_logging = true 651 bucket_name = "${aws_s3_bucket.bucket.bucket}" 652 }` 653 654 var testAccAWSRedshiftClusterConfig_tags = ` 655 resource "aws_redshift_cluster" "default" { 656 cluster_identifier = "tf-redshift-cluster-%d" 657 availability_zone = "us-west-2a" 658 database_name = "mydb" 659 master_username = "foo" 660 master_password = "Mustbe8characters" 661 node_type = "dc1.large" 662 automated_snapshot_retention_period = 7 663 allow_version_upgrade = false 664 tags { 665 environment = "Production" 666 cluster = "reader" 667 Type = "master" 668 } 669 }` 670 671 var testAccAWSRedshiftClusterConfig_updatedTags = ` 672 resource "aws_redshift_cluster" "default" { 673 cluster_identifier = "tf-redshift-cluster-%d" 674 availability_zone = "us-west-2a" 675 database_name = "mydb" 676 master_username = "foo" 677 master_password = "Mustbe8characters" 678 node_type = "dc1.large" 679 automated_snapshot_retention_period = 7 680 allow_version_upgrade = false 681 tags { 682 environment = "Production" 683 } 684 }` 685 686 var testAccAWSRedshiftClusterConfig_notPubliclyAccessible = ` 687 resource "aws_vpc" "foo" { 688 cidr_block = "10.1.0.0/16" 689 } 690 resource "aws_internet_gateway" "foo" { 691 vpc_id = "${aws_vpc.foo.id}" 692 tags { 693 foo = "bar" 694 } 695 } 696 resource "aws_subnet" "foo" { 697 cidr_block = "10.1.1.0/24" 698 availability_zone = "us-west-2a" 699 vpc_id = "${aws_vpc.foo.id}" 700 tags { 701 Name = "tf-dbsubnet-test-1" 702 } 703 } 704 resource "aws_subnet" "bar" { 705 cidr_block = "10.1.2.0/24" 706 availability_zone = "us-west-2b" 707 vpc_id = "${aws_vpc.foo.id}" 708 tags { 709 Name = "tf-dbsubnet-test-2" 710 } 711 } 712 resource "aws_subnet" "foobar" { 713 cidr_block = "10.1.3.0/24" 714 availability_zone = "us-west-2c" 715 vpc_id = "${aws_vpc.foo.id}" 716 tags { 717 Name = "tf-dbsubnet-test-3" 718 } 719 } 720 resource "aws_redshift_subnet_group" "foo" { 721 name = "foo" 722 description = "foo description" 723 subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}", "${aws_subnet.foobar.id}"] 724 } 725 resource "aws_redshift_cluster" "default" { 726 cluster_identifier = "tf-redshift-cluster-%d" 727 availability_zone = "us-west-2a" 728 database_name = "mydb" 729 master_username = "foo" 730 master_password = "Mustbe8characters" 731 node_type = "dc1.large" 732 automated_snapshot_retention_period = 0 733 allow_version_upgrade = false 734 cluster_subnet_group_name = "${aws_redshift_subnet_group.foo.name}" 735 publicly_accessible = false 736 }` 737 738 var testAccAWSRedshiftClusterConfig_updatePubliclyAccessible = ` 739 resource "aws_vpc" "foo" { 740 cidr_block = "10.1.0.0/16" 741 } 742 resource "aws_internet_gateway" "foo" { 743 vpc_id = "${aws_vpc.foo.id}" 744 tags { 745 foo = "bar" 746 } 747 } 748 resource "aws_subnet" "foo" { 749 cidr_block = "10.1.1.0/24" 750 availability_zone = "us-west-2a" 751 vpc_id = "${aws_vpc.foo.id}" 752 tags { 753 Name = "tf-dbsubnet-test-1" 754 } 755 } 756 resource "aws_subnet" "bar" { 757 cidr_block = "10.1.2.0/24" 758 availability_zone = "us-west-2b" 759 vpc_id = "${aws_vpc.foo.id}" 760 tags { 761 Name = "tf-dbsubnet-test-2" 762 } 763 } 764 resource "aws_subnet" "foobar" { 765 cidr_block = "10.1.3.0/24" 766 availability_zone = "us-west-2c" 767 vpc_id = "${aws_vpc.foo.id}" 768 tags { 769 Name = "tf-dbsubnet-test-3" 770 } 771 } 772 resource "aws_redshift_subnet_group" "foo" { 773 name = "foo" 774 description = "foo description" 775 subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}", "${aws_subnet.foobar.id}"] 776 } 777 resource "aws_redshift_cluster" "default" { 778 cluster_identifier = "tf-redshift-cluster-%d" 779 availability_zone = "us-west-2a" 780 database_name = "mydb" 781 master_username = "foo" 782 master_password = "Mustbe8characters" 783 node_type = "dc1.large" 784 automated_snapshot_retention_period = 0 785 allow_version_upgrade = false 786 cluster_subnet_group_name = "${aws_redshift_subnet_group.foo.name}" 787 publicly_accessible = true 788 }` 789 790 var testAccAWSRedshiftClusterConfig_iamRoles = ` 791 resource "aws_iam_role" "ec2-role" { 792 name = "test-role-ec2-%d" 793 path = "/" 794 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 795 } 796 797 resource "aws_iam_role" "lambda-role" { 798 name = "test-role-lambda-%d" 799 path = "/" 800 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"lambda.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 801 } 802 803 resource "aws_redshift_cluster" "default" { 804 cluster_identifier = "tf-redshift-cluster-%d" 805 availability_zone = "us-west-2a" 806 database_name = "mydb" 807 master_username = "foo_test" 808 master_password = "Mustbe8characters" 809 node_type = "dc1.large" 810 automated_snapshot_retention_period = 0 811 allow_version_upgrade = false 812 iam_roles = ["${aws_iam_role.ec2-role.arn}", "${aws_iam_role.lambda-role.arn}"] 813 }` 814 815 var testAccAWSRedshiftClusterConfig_updateIamRoles = ` 816 resource "aws_iam_role" "ec2-role" { 817 name = "test-role-ec2-%d" 818 path = "/" 819 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 820 } 821 822 resource "aws_iam_role" "lambda-role" { 823 name = "test-role-lambda-%d" 824 path = "/" 825 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"lambda.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 826 } 827 828 resource "aws_redshift_cluster" "default" { 829 cluster_identifier = "tf-redshift-cluster-%d" 830 availability_zone = "us-west-2a" 831 database_name = "mydb" 832 master_username = "foo_test" 833 master_password = "Mustbe8characters" 834 node_type = "dc1.large" 835 automated_snapshot_retention_period = 0 836 allow_version_upgrade = false 837 iam_roles = ["${aws_iam_role.ec2-role.arn}"] 838 }`