github.com/rhenning/terraform@v0.8.0-beta2/builtin/providers/aws/resource_aws_redshift_cluster_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "math/rand" 6 "testing" 7 "time" 8 9 "github.com/aws/aws-sdk-go/aws" 10 "github.com/aws/aws-sdk-go/aws/awserr" 11 "github.com/aws/aws-sdk-go/service/redshift" 12 "github.com/hashicorp/terraform/helper/resource" 13 "github.com/hashicorp/terraform/terraform" 14 ) 15 16 func TestValidateRedshiftClusterDbName(t *testing.T) { 17 validNames := []string{ 18 "testdbname", 19 "test_dbname", 20 "testdbname123", 21 "TestDBname", 22 "testdbname$hashicorp", 23 "_dbname", 24 } 25 for _, v := range validNames { 26 _, errors := validateRedshiftClusterDbName(v, "name") 27 if len(errors) != 0 { 28 t.Fatalf("%q should be a valid Redshift DBName: %q", v, errors) 29 } 30 } 31 32 invalidNames := []string{ 33 "!", 34 "/", 35 " ", 36 ":", 37 ";", 38 "test name", 39 "/slash-at-the-beginning", 40 "slash-at-the-end/", 41 "", 42 randomString(100), 43 } 44 for _, v := range invalidNames { 45 _, errors := validateRedshiftClusterDbName(v, "name") 46 if len(errors) == 0 { 47 t.Fatalf("%q should be an invalid Redshift DBName", v) 48 } 49 } 50 } 51 52 func TestAccAWSRedshiftCluster_basic(t *testing.T) { 53 var v redshift.Cluster 54 55 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 56 config := fmt.Sprintf(testAccAWSRedshiftClusterConfig_basic, ri) 57 58 resource.Test(t, resource.TestCase{ 59 PreCheck: func() { testAccPreCheck(t) }, 60 Providers: testAccProviders, 61 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 62 Steps: []resource.TestStep{ 63 resource.TestStep{ 64 Config: config, 65 Check: resource.ComposeTestCheckFunc( 66 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 67 resource.TestCheckResourceAttr( 68 "aws_redshift_cluster.default", "cluster_type", "single-node"), 69 resource.TestCheckResourceAttr( 70 "aws_redshift_cluster.default", "publicly_accessible", "true"), 71 ), 72 }, 73 }, 74 }) 75 } 76 77 func TestAccAWSRedshiftCluster_enhancedVpcRoutingEnabled(t *testing.T) { 78 var v redshift.Cluster 79 80 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 81 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_enhancedVpcRoutingEnabled, ri) 82 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_enhancedVpcRoutingDisabled, ri) 83 84 resource.Test(t, resource.TestCase{ 85 PreCheck: func() { testAccPreCheck(t) }, 86 Providers: testAccProviders, 87 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 88 Steps: []resource.TestStep{ 89 resource.TestStep{ 90 Config: preConfig, 91 Check: resource.ComposeTestCheckFunc( 92 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 93 resource.TestCheckResourceAttr( 94 "aws_redshift_cluster.default", "enhanced_vpc_routing", "true"), 95 ), 96 }, 97 resource.TestStep{ 98 Config: postConfig, 99 Check: resource.ComposeTestCheckFunc( 100 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 101 resource.TestCheckResourceAttr( 102 "aws_redshift_cluster.default", "enhanced_vpc_routing", "false"), 103 ), 104 }, 105 }, 106 }) 107 } 108 109 func TestAccAWSRedshiftCluster_loggingEnabled(t *testing.T) { 110 var v redshift.Cluster 111 112 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 113 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_loggingEnabled, ri) 114 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_loggingDisabled, ri) 115 116 resource.Test(t, resource.TestCase{ 117 PreCheck: func() { testAccPreCheck(t) }, 118 Providers: testAccProviders, 119 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 120 Steps: []resource.TestStep{ 121 resource.TestStep{ 122 Config: preConfig, 123 Check: resource.ComposeTestCheckFunc( 124 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 125 resource.TestCheckResourceAttr( 126 "aws_redshift_cluster.default", "enable_logging", "true"), 127 resource.TestCheckResourceAttr( 128 "aws_redshift_cluster.default", "bucket_name", "tf-redshift-logging-test-bucket"), 129 ), 130 }, 131 132 resource.TestStep{ 133 Config: postConfig, 134 Check: resource.ComposeTestCheckFunc( 135 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 136 resource.TestCheckResourceAttr( 137 "aws_redshift_cluster.default", "enable_logging", "false"), 138 ), 139 }, 140 }, 141 }) 142 } 143 144 func TestAccAWSRedshiftCluster_iamRoles(t *testing.T) { 145 var v redshift.Cluster 146 147 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 148 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_iamRoles, ri, ri, ri) 149 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updateIamRoles, ri, ri, ri) 150 151 resource.Test(t, resource.TestCase{ 152 PreCheck: func() { testAccPreCheck(t) }, 153 Providers: testAccProviders, 154 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 155 Steps: []resource.TestStep{ 156 resource.TestStep{ 157 Config: preConfig, 158 Check: resource.ComposeTestCheckFunc( 159 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 160 resource.TestCheckResourceAttr( 161 "aws_redshift_cluster.default", "iam_roles.#", "2"), 162 ), 163 }, 164 165 resource.TestStep{ 166 Config: postConfig, 167 Check: resource.ComposeTestCheckFunc( 168 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 169 resource.TestCheckResourceAttr( 170 "aws_redshift_cluster.default", "iam_roles.#", "1"), 171 ), 172 }, 173 }, 174 }) 175 } 176 177 func TestAccAWSRedshiftCluster_publiclyAccessible(t *testing.T) { 178 var v redshift.Cluster 179 180 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 181 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_notPubliclyAccessible, ri) 182 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updatePubliclyAccessible, ri) 183 184 resource.Test(t, resource.TestCase{ 185 PreCheck: func() { testAccPreCheck(t) }, 186 Providers: testAccProviders, 187 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 188 Steps: []resource.TestStep{ 189 resource.TestStep{ 190 Config: preConfig, 191 Check: resource.ComposeTestCheckFunc( 192 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 193 resource.TestCheckResourceAttr( 194 "aws_redshift_cluster.default", "publicly_accessible", "false"), 195 ), 196 }, 197 198 resource.TestStep{ 199 Config: postConfig, 200 Check: resource.ComposeTestCheckFunc( 201 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 202 resource.TestCheckResourceAttr( 203 "aws_redshift_cluster.default", "publicly_accessible", "true"), 204 ), 205 }, 206 }, 207 }) 208 } 209 210 func TestAccAWSRedshiftCluster_updateNodeCount(t *testing.T) { 211 var v redshift.Cluster 212 213 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 214 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_basic, ri) 215 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updateNodeCount, ri) 216 217 resource.Test(t, resource.TestCase{ 218 PreCheck: func() { testAccPreCheck(t) }, 219 Providers: testAccProviders, 220 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 221 Steps: []resource.TestStep{ 222 resource.TestStep{ 223 Config: preConfig, 224 Check: resource.ComposeTestCheckFunc( 225 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 226 resource.TestCheckResourceAttr( 227 "aws_redshift_cluster.default", "number_of_nodes", "1"), 228 ), 229 }, 230 231 resource.TestStep{ 232 Config: postConfig, 233 Check: resource.ComposeTestCheckFunc( 234 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 235 resource.TestCheckResourceAttr( 236 "aws_redshift_cluster.default", "number_of_nodes", "2"), 237 ), 238 }, 239 }, 240 }) 241 } 242 243 func TestAccAWSRedshiftCluster_tags(t *testing.T) { 244 var v redshift.Cluster 245 246 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 247 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_tags, ri) 248 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updatedTags, ri) 249 250 resource.Test(t, resource.TestCase{ 251 PreCheck: func() { testAccPreCheck(t) }, 252 Providers: testAccProviders, 253 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 254 Steps: []resource.TestStep{ 255 resource.TestStep{ 256 Config: preConfig, 257 Check: resource.ComposeTestCheckFunc( 258 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 259 resource.TestCheckResourceAttr( 260 "aws_redshift_cluster.default", "tags.%", "3"), 261 resource.TestCheckResourceAttr("aws_redshift_cluster.default", "tags.environment", "Production"), 262 ), 263 }, 264 265 resource.TestStep{ 266 Config: postConfig, 267 Check: resource.ComposeTestCheckFunc( 268 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 269 resource.TestCheckResourceAttr( 270 "aws_redshift_cluster.default", "tags.%", "1"), 271 resource.TestCheckResourceAttr("aws_redshift_cluster.default", "tags.environment", "Production"), 272 ), 273 }, 274 }, 275 }) 276 } 277 278 func testAccCheckAWSRedshiftClusterDestroy(s *terraform.State) error { 279 for _, rs := range s.RootModule().Resources { 280 if rs.Type != "aws_redshift_cluster" { 281 continue 282 } 283 284 // Try to find the Group 285 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 286 var err error 287 resp, err := conn.DescribeClusters( 288 &redshift.DescribeClustersInput{ 289 ClusterIdentifier: aws.String(rs.Primary.ID), 290 }) 291 292 if err == nil { 293 if len(resp.Clusters) != 0 && 294 *resp.Clusters[0].ClusterIdentifier == rs.Primary.ID { 295 return fmt.Errorf("Redshift Cluster %s still exists", rs.Primary.ID) 296 } 297 } 298 299 // Return nil if the cluster is already destroyed 300 if awsErr, ok := err.(awserr.Error); ok { 301 if awsErr.Code() == "ClusterNotFound" { 302 return nil 303 } 304 } 305 306 return err 307 } 308 309 return nil 310 } 311 312 func testAccCheckAWSRedshiftClusterExists(n string, v *redshift.Cluster) resource.TestCheckFunc { 313 return func(s *terraform.State) error { 314 rs, ok := s.RootModule().Resources[n] 315 if !ok { 316 return fmt.Errorf("Not found: %s", n) 317 } 318 319 if rs.Primary.ID == "" { 320 return fmt.Errorf("No Redshift Cluster Instance ID is set") 321 } 322 323 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 324 resp, err := conn.DescribeClusters(&redshift.DescribeClustersInput{ 325 ClusterIdentifier: aws.String(rs.Primary.ID), 326 }) 327 328 if err != nil { 329 return err 330 } 331 332 for _, c := range resp.Clusters { 333 if *c.ClusterIdentifier == rs.Primary.ID { 334 *v = *c 335 return nil 336 } 337 } 338 339 return fmt.Errorf("Redshift Cluster (%s) not found", rs.Primary.ID) 340 } 341 } 342 343 func TestResourceAWSRedshiftClusterIdentifierValidation(t *testing.T) { 344 cases := []struct { 345 Value string 346 ErrCount int 347 }{ 348 { 349 Value: "tEsting", 350 ErrCount: 1, 351 }, 352 { 353 Value: "1testing", 354 ErrCount: 1, 355 }, 356 { 357 Value: "testing--123", 358 ErrCount: 1, 359 }, 360 { 361 Value: "testing!", 362 ErrCount: 1, 363 }, 364 { 365 Value: "testing-", 366 ErrCount: 1, 367 }, 368 } 369 370 for _, tc := range cases { 371 _, errors := validateRedshiftClusterIdentifier(tc.Value, "aws_redshift_cluster_identifier") 372 373 if len(errors) != tc.ErrCount { 374 t.Fatalf("Expected the Redshift Cluster cluster_identifier to trigger a validation error") 375 } 376 } 377 } 378 379 func TestResourceAWSRedshiftClusterFinalSnapshotIdentifierValidation(t *testing.T) { 380 cases := []struct { 381 Value string 382 ErrCount int 383 }{ 384 { 385 Value: "testing--123", 386 ErrCount: 1, 387 }, 388 { 389 Value: "testing-", 390 ErrCount: 1, 391 }, 392 { 393 Value: "Testingq123!", 394 ErrCount: 1, 395 }, 396 { 397 Value: randomString(256), 398 ErrCount: 1, 399 }, 400 } 401 402 for _, tc := range cases { 403 _, errors := validateRedshiftClusterFinalSnapshotIdentifier(tc.Value, "aws_redshift_cluster_final_snapshot_identifier") 404 405 if len(errors) != tc.ErrCount { 406 t.Fatalf("Expected the Redshift Cluster final_snapshot_identifier to trigger a validation error") 407 } 408 } 409 } 410 411 func TestResourceAWSRedshiftClusterMasterUsernameValidation(t *testing.T) { 412 cases := []struct { 413 Value string 414 ErrCount int 415 }{ 416 { 417 Value: "1Testing", 418 ErrCount: 1, 419 }, 420 { 421 Value: "Testing!!", 422 ErrCount: 1, 423 }, 424 { 425 Value: randomString(129), 426 ErrCount: 1, 427 }, 428 { 429 Value: "testing_testing123", 430 ErrCount: 0, 431 }, 432 } 433 434 for _, tc := range cases { 435 _, errors := validateRedshiftClusterMasterUsername(tc.Value, "aws_redshift_cluster_master_username") 436 437 if len(errors) != tc.ErrCount { 438 t.Fatalf("Expected the Redshift Cluster master_username to trigger a validation error") 439 } 440 } 441 } 442 443 func TestResourceAWSRedshiftClusterMasterPasswordValidation(t *testing.T) { 444 cases := []struct { 445 Value string 446 ErrCount int 447 }{ 448 { 449 Value: "1TESTING", 450 ErrCount: 1, 451 }, 452 { 453 Value: "1testing", 454 ErrCount: 1, 455 }, 456 { 457 Value: "TestTest", 458 ErrCount: 1, 459 }, 460 { 461 Value: "T3st", 462 ErrCount: 1, 463 }, 464 { 465 Value: "1Testing", 466 ErrCount: 0, 467 }, 468 } 469 470 for _, tc := range cases { 471 _, errors := validateRedshiftClusterMasterPassword(tc.Value, "aws_redshift_cluster_master_password") 472 473 if len(errors) != tc.ErrCount { 474 t.Fatalf("Expected the Redshift Cluster master_password to trigger a validation error") 475 } 476 } 477 } 478 479 var testAccAWSRedshiftClusterConfig_updateNodeCount = ` 480 resource "aws_redshift_cluster" "default" { 481 cluster_identifier = "tf-redshift-cluster-%d" 482 availability_zone = "us-west-2a" 483 database_name = "mydb" 484 master_username = "foo_test" 485 master_password = "Mustbe8characters" 486 node_type = "dc1.large" 487 automated_snapshot_retention_period = 0 488 allow_version_upgrade = false 489 number_of_nodes = 2 490 } 491 ` 492 493 var testAccAWSRedshiftClusterConfig_basic = ` 494 resource "aws_redshift_cluster" "default" { 495 cluster_identifier = "tf-redshift-cluster-%d" 496 availability_zone = "us-west-2a" 497 database_name = "mydb" 498 master_username = "foo_test" 499 master_password = "Mustbe8characters" 500 node_type = "dc1.large" 501 automated_snapshot_retention_period = 0 502 allow_version_upgrade = false 503 }` 504 505 var testAccAWSRedshiftClusterConfig_enhancedVpcRoutingEnabled = ` 506 resource "aws_redshift_cluster" "default" { 507 cluster_identifier = "tf-redshift-cluster-%d" 508 availability_zone = "us-west-2a" 509 database_name = "mydb" 510 master_username = "foo_test" 511 master_password = "Mustbe8characters" 512 node_type = "dc1.large" 513 automated_snapshot_retention_period = 0 514 allow_version_upgrade = false 515 enhanced_vpc_routing = true 516 } 517 ` 518 519 var testAccAWSRedshiftClusterConfig_enhancedVpcRoutingDisabled = ` 520 resource "aws_redshift_cluster" "default" { 521 cluster_identifier = "tf-redshift-cluster-%d" 522 availability_zone = "us-west-2a" 523 database_name = "mydb" 524 master_username = "foo_test" 525 master_password = "Mustbe8characters" 526 node_type = "dc1.large" 527 automated_snapshot_retention_period = 0 528 allow_version_upgrade = false 529 enhanced_vpc_routing = false 530 } 531 ` 532 533 var testAccAWSRedshiftClusterConfig_loggingDisabled = ` 534 resource "aws_redshift_cluster" "default" { 535 cluster_identifier = "tf-redshift-cluster-%d" 536 availability_zone = "us-west-2a" 537 database_name = "mydb" 538 master_username = "foo_test" 539 master_password = "Mustbe8characters" 540 node_type = "dc1.large" 541 automated_snapshot_retention_period = 0 542 allow_version_upgrade = false 543 enable_logging = false 544 } 545 ` 546 547 var testAccAWSRedshiftClusterConfig_loggingEnabled = ` 548 resource "aws_s3_bucket" "bucket" { 549 bucket = "tf-redshift-logging-test-bucket" 550 force_destroy = true 551 policy = <<EOF 552 { 553 "Version": "2008-10-17", 554 "Statement": [ 555 { 556 "Sid": "Stmt1376526643067", 557 "Effect": "Allow", 558 "Principal": { 559 "AWS": "arn:aws:iam::902366379725:user/logs" 560 }, 561 "Action": "s3:PutObject", 562 "Resource": "arn:aws:s3:::tf-redshift-logging-test-bucket/*" 563 }, 564 { 565 "Sid": "Stmt137652664067", 566 "Effect": "Allow", 567 "Principal": { 568 "AWS": "arn:aws:iam::902366379725:user/logs" 569 }, 570 "Action": "s3:GetBucketAcl", 571 "Resource": "arn:aws:s3:::tf-redshift-logging-test-bucket" 572 } 573 ] 574 } 575 EOF 576 } 577 578 resource "aws_redshift_cluster" "default" { 579 cluster_identifier = "tf-redshift-cluster-%d" 580 availability_zone = "us-west-2a" 581 database_name = "mydb" 582 master_username = "foo_test" 583 master_password = "Mustbe8characters" 584 node_type = "dc1.large" 585 automated_snapshot_retention_period = 0 586 allow_version_upgrade = false 587 enable_logging = true 588 bucket_name = "${aws_s3_bucket.bucket.bucket}" 589 }` 590 591 var testAccAWSRedshiftClusterConfig_tags = ` 592 resource "aws_redshift_cluster" "default" { 593 cluster_identifier = "tf-redshift-cluster-%d" 594 availability_zone = "us-west-2a" 595 database_name = "mydb" 596 master_username = "foo" 597 master_password = "Mustbe8characters" 598 node_type = "dc1.large" 599 automated_snapshot_retention_period = 7 600 allow_version_upgrade = false 601 tags { 602 environment = "Production" 603 cluster = "reader" 604 Type = "master" 605 } 606 }` 607 608 var testAccAWSRedshiftClusterConfig_updatedTags = ` 609 resource "aws_redshift_cluster" "default" { 610 cluster_identifier = "tf-redshift-cluster-%d" 611 availability_zone = "us-west-2a" 612 database_name = "mydb" 613 master_username = "foo" 614 master_password = "Mustbe8characters" 615 node_type = "dc1.large" 616 automated_snapshot_retention_period = 7 617 allow_version_upgrade = false 618 tags { 619 environment = "Production" 620 } 621 }` 622 623 var testAccAWSRedshiftClusterConfig_notPubliclyAccessible = ` 624 resource "aws_vpc" "foo" { 625 cidr_block = "10.1.0.0/16" 626 } 627 resource "aws_internet_gateway" "foo" { 628 vpc_id = "${aws_vpc.foo.id}" 629 tags { 630 foo = "bar" 631 } 632 } 633 resource "aws_subnet" "foo" { 634 cidr_block = "10.1.1.0/24" 635 availability_zone = "us-west-2a" 636 vpc_id = "${aws_vpc.foo.id}" 637 tags { 638 Name = "tf-dbsubnet-test-1" 639 } 640 } 641 resource "aws_subnet" "bar" { 642 cidr_block = "10.1.2.0/24" 643 availability_zone = "us-west-2b" 644 vpc_id = "${aws_vpc.foo.id}" 645 tags { 646 Name = "tf-dbsubnet-test-2" 647 } 648 } 649 resource "aws_subnet" "foobar" { 650 cidr_block = "10.1.3.0/24" 651 availability_zone = "us-west-2c" 652 vpc_id = "${aws_vpc.foo.id}" 653 tags { 654 Name = "tf-dbsubnet-test-3" 655 } 656 } 657 resource "aws_redshift_subnet_group" "foo" { 658 name = "foo" 659 description = "foo description" 660 subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}", "${aws_subnet.foobar.id}"] 661 } 662 resource "aws_redshift_cluster" "default" { 663 cluster_identifier = "tf-redshift-cluster-%d" 664 availability_zone = "us-west-2a" 665 database_name = "mydb" 666 master_username = "foo" 667 master_password = "Mustbe8characters" 668 node_type = "dc1.large" 669 automated_snapshot_retention_period = 0 670 allow_version_upgrade = false 671 cluster_subnet_group_name = "${aws_redshift_subnet_group.foo.name}" 672 publicly_accessible = false 673 }` 674 675 var testAccAWSRedshiftClusterConfig_updatePubliclyAccessible = ` 676 resource "aws_vpc" "foo" { 677 cidr_block = "10.1.0.0/16" 678 } 679 resource "aws_internet_gateway" "foo" { 680 vpc_id = "${aws_vpc.foo.id}" 681 tags { 682 foo = "bar" 683 } 684 } 685 resource "aws_subnet" "foo" { 686 cidr_block = "10.1.1.0/24" 687 availability_zone = "us-west-2a" 688 vpc_id = "${aws_vpc.foo.id}" 689 tags { 690 Name = "tf-dbsubnet-test-1" 691 } 692 } 693 resource "aws_subnet" "bar" { 694 cidr_block = "10.1.2.0/24" 695 availability_zone = "us-west-2b" 696 vpc_id = "${aws_vpc.foo.id}" 697 tags { 698 Name = "tf-dbsubnet-test-2" 699 } 700 } 701 resource "aws_subnet" "foobar" { 702 cidr_block = "10.1.3.0/24" 703 availability_zone = "us-west-2c" 704 vpc_id = "${aws_vpc.foo.id}" 705 tags { 706 Name = "tf-dbsubnet-test-3" 707 } 708 } 709 resource "aws_redshift_subnet_group" "foo" { 710 name = "foo" 711 description = "foo description" 712 subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}", "${aws_subnet.foobar.id}"] 713 } 714 resource "aws_redshift_cluster" "default" { 715 cluster_identifier = "tf-redshift-cluster-%d" 716 availability_zone = "us-west-2a" 717 database_name = "mydb" 718 master_username = "foo" 719 master_password = "Mustbe8characters" 720 node_type = "dc1.large" 721 automated_snapshot_retention_period = 0 722 allow_version_upgrade = false 723 cluster_subnet_group_name = "${aws_redshift_subnet_group.foo.name}" 724 publicly_accessible = true 725 }` 726 727 var testAccAWSRedshiftClusterConfig_iamRoles = ` 728 resource "aws_iam_role" "ec2-role" { 729 name = "test-role-ec2-%d" 730 path = "/" 731 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 732 } 733 734 resource "aws_iam_role" "lambda-role" { 735 name = "test-role-lambda-%d" 736 path = "/" 737 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"lambda.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 738 } 739 740 resource "aws_redshift_cluster" "default" { 741 cluster_identifier = "tf-redshift-cluster-%d" 742 availability_zone = "us-west-2a" 743 database_name = "mydb" 744 master_username = "foo_test" 745 master_password = "Mustbe8characters" 746 node_type = "dc1.large" 747 automated_snapshot_retention_period = 0 748 allow_version_upgrade = false 749 iam_roles = ["${aws_iam_role.ec2-role.arn}", "${aws_iam_role.lambda-role.arn}"] 750 }` 751 752 var testAccAWSRedshiftClusterConfig_updateIamRoles = ` 753 resource "aws_iam_role" "ec2-role" { 754 name = "test-role-ec2-%d" 755 path = "/" 756 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 757 } 758 759 resource "aws_iam_role" "lambda-role" { 760 name = "test-role-lambda-%d" 761 path = "/" 762 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"lambda.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 763 } 764 765 resource "aws_redshift_cluster" "default" { 766 cluster_identifier = "tf-redshift-cluster-%d" 767 availability_zone = "us-west-2a" 768 database_name = "mydb" 769 master_username = "foo_test" 770 master_password = "Mustbe8characters" 771 node_type = "dc1.large" 772 automated_snapshot_retention_period = 0 773 allow_version_upgrade = false 774 iam_roles = ["${aws_iam_role.ec2-role.arn}"] 775 }`