github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/builtin/providers/aws/resource_aws_redshift_cluster_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "log" 6 "math/rand" 7 "regexp" 8 "strings" 9 "testing" 10 "time" 11 12 "github.com/aws/aws-sdk-go/aws" 13 "github.com/aws/aws-sdk-go/aws/awserr" 14 "github.com/aws/aws-sdk-go/service/redshift" 15 "github.com/hashicorp/terraform/helper/acctest" 16 "github.com/hashicorp/terraform/helper/resource" 17 "github.com/hashicorp/terraform/terraform" 18 ) 19 20 func TestValidateRedshiftClusterDbName(t *testing.T) { 21 validNames := []string{ 22 "testdbname", 23 "test_dbname", 24 "testdbname123", 25 "testdbname$hashicorp", 26 "_dbname", 27 } 28 for _, v := range validNames { 29 _, errors := validateRedshiftClusterDbName(v, "name") 30 if len(errors) != 0 { 31 t.Fatalf("%q should be a valid Redshift DBName: %q", v, errors) 32 } 33 } 34 35 invalidNames := []string{ 36 "!", 37 "/", 38 " ", 39 ":", 40 ";", 41 "test name", 42 "/slash-at-the-beginning", 43 "slash-at-the-end/", 44 "", 45 randomString(100), 46 "TestDBname", 47 } 48 for _, v := range invalidNames { 49 _, errors := validateRedshiftClusterDbName(v, "name") 50 if len(errors) == 0 { 51 t.Fatalf("%q should be an invalid Redshift DBName", v) 52 } 53 } 54 } 55 56 func TestAccAWSRedshiftCluster_basic(t *testing.T) { 57 var v redshift.Cluster 58 59 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 60 config := fmt.Sprintf(testAccAWSRedshiftClusterConfig_basic, ri) 61 62 resource.Test(t, resource.TestCase{ 63 PreCheck: func() { testAccPreCheck(t) }, 64 Providers: testAccProviders, 65 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 66 Steps: []resource.TestStep{ 67 { 68 Config: config, 69 Check: resource.ComposeTestCheckFunc( 70 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 71 resource.TestCheckResourceAttr( 72 "aws_redshift_cluster.default", "cluster_type", "single-node"), 73 resource.TestCheckResourceAttr( 74 "aws_redshift_cluster.default", "publicly_accessible", "true"), 75 ), 76 }, 77 }, 78 }) 79 } 80 81 func TestAccAWSRedshiftCluster_withFinalSnapshot(t *testing.T) { 82 var v redshift.Cluster 83 84 rInt := acctest.RandInt() 85 86 resource.Test(t, resource.TestCase{ 87 PreCheck: func() { testAccPreCheck(t) }, 88 Providers: testAccProviders, 89 CheckDestroy: testAccCheckAWSRedshiftClusterSnapshot(rInt), 90 Steps: []resource.TestStep{ 91 { 92 Config: testAccAWSRedshiftClusterConfigWithFinalSnapshot(rInt), 93 Check: resource.ComposeTestCheckFunc( 94 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 95 ), 96 }, 97 }, 98 }) 99 } 100 101 func TestAccAWSRedshiftCluster_kmsKey(t *testing.T) { 102 var v redshift.Cluster 103 104 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 105 config := fmt.Sprintf(testAccAWSRedshiftClusterConfig_kmsKey, ri, ri) 106 keyRegex := regexp.MustCompile("^arn:aws:([a-zA-Z0-9\\-])+:([a-z]{2}-[a-z]+-\\d{1})?:(\\d{12})?:(.*)$") 107 108 resource.Test(t, resource.TestCase{ 109 PreCheck: func() { testAccPreCheck(t) }, 110 Providers: testAccProviders, 111 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 112 Steps: []resource.TestStep{ 113 { 114 Config: config, 115 Check: resource.ComposeTestCheckFunc( 116 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 117 resource.TestCheckResourceAttr( 118 "aws_redshift_cluster.default", "cluster_type", "single-node"), 119 resource.TestCheckResourceAttr( 120 "aws_redshift_cluster.default", "publicly_accessible", "true"), 121 resource.TestMatchResourceAttr("aws_redshift_cluster.default", "kms_key_id", keyRegex), 122 ), 123 }, 124 }, 125 }) 126 } 127 128 func TestAccAWSRedshiftCluster_enhancedVpcRoutingEnabled(t *testing.T) { 129 var v redshift.Cluster 130 131 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 132 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_enhancedVpcRoutingEnabled, ri) 133 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_enhancedVpcRoutingDisabled, ri) 134 135 resource.Test(t, resource.TestCase{ 136 PreCheck: func() { testAccPreCheck(t) }, 137 Providers: testAccProviders, 138 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 139 Steps: []resource.TestStep{ 140 { 141 Config: preConfig, 142 Check: resource.ComposeTestCheckFunc( 143 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 144 resource.TestCheckResourceAttr( 145 "aws_redshift_cluster.default", "enhanced_vpc_routing", "true"), 146 ), 147 }, 148 { 149 Config: postConfig, 150 Check: resource.ComposeTestCheckFunc( 151 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 152 resource.TestCheckResourceAttr( 153 "aws_redshift_cluster.default", "enhanced_vpc_routing", "false"), 154 ), 155 }, 156 }, 157 }) 158 } 159 160 func TestAccAWSRedshiftCluster_loggingEnabled(t *testing.T) { 161 var v redshift.Cluster 162 rInt := acctest.RandInt() 163 164 resource.Test(t, resource.TestCase{ 165 PreCheck: func() { testAccPreCheck(t) }, 166 Providers: testAccProviders, 167 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 168 Steps: []resource.TestStep{ 169 { 170 Config: testAccAWSRedshiftClusterConfig_loggingEnabled(rInt), 171 Check: resource.ComposeTestCheckFunc( 172 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 173 resource.TestCheckResourceAttr( 174 "aws_redshift_cluster.default", "enable_logging", "true"), 175 resource.TestCheckResourceAttr( 176 "aws_redshift_cluster.default", "bucket_name", fmt.Sprintf("tf-redshift-logging-%d", rInt)), 177 ), 178 }, 179 180 { 181 Config: testAccAWSRedshiftClusterConfig_loggingDisabled(rInt), 182 Check: resource.ComposeTestCheckFunc( 183 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 184 resource.TestCheckResourceAttr( 185 "aws_redshift_cluster.default", "enable_logging", "false"), 186 ), 187 }, 188 }, 189 }) 190 } 191 192 func TestAccAWSRedshiftCluster_iamRoles(t *testing.T) { 193 var v redshift.Cluster 194 195 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 196 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_iamRoles, ri, ri, ri) 197 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updateIamRoles, ri, ri, ri) 198 199 resource.Test(t, resource.TestCase{ 200 PreCheck: func() { testAccPreCheck(t) }, 201 Providers: testAccProviders, 202 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 203 Steps: []resource.TestStep{ 204 { 205 Config: preConfig, 206 Check: resource.ComposeTestCheckFunc( 207 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 208 resource.TestCheckResourceAttr( 209 "aws_redshift_cluster.default", "iam_roles.#", "2"), 210 ), 211 }, 212 213 { 214 Config: postConfig, 215 Check: resource.ComposeTestCheckFunc( 216 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 217 resource.TestCheckResourceAttr( 218 "aws_redshift_cluster.default", "iam_roles.#", "1"), 219 ), 220 }, 221 }, 222 }) 223 } 224 225 func TestAccAWSRedshiftCluster_publiclyAccessible(t *testing.T) { 226 var v redshift.Cluster 227 rInt := acctest.RandInt() 228 229 resource.Test(t, resource.TestCase{ 230 PreCheck: func() { testAccPreCheck(t) }, 231 Providers: testAccProviders, 232 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 233 Steps: []resource.TestStep{ 234 { 235 Config: testAccAWSRedshiftClusterConfig_notPubliclyAccessible(rInt), 236 Check: resource.ComposeTestCheckFunc( 237 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 238 resource.TestCheckResourceAttr( 239 "aws_redshift_cluster.default", "publicly_accessible", "false"), 240 ), 241 }, 242 243 { 244 Config: testAccAWSRedshiftClusterConfig_updatePubliclyAccessible(rInt), 245 Check: resource.ComposeTestCheckFunc( 246 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 247 resource.TestCheckResourceAttr( 248 "aws_redshift_cluster.default", "publicly_accessible", "true"), 249 ), 250 }, 251 }, 252 }) 253 } 254 255 func TestAccAWSRedshiftCluster_updateNodeCount(t *testing.T) { 256 var v redshift.Cluster 257 258 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 259 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_basic, ri) 260 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updateNodeCount, ri) 261 262 resource.Test(t, resource.TestCase{ 263 PreCheck: func() { testAccPreCheck(t) }, 264 Providers: testAccProviders, 265 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 266 Steps: []resource.TestStep{ 267 { 268 Config: preConfig, 269 Check: resource.ComposeTestCheckFunc( 270 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 271 resource.TestCheckResourceAttr( 272 "aws_redshift_cluster.default", "number_of_nodes", "1"), 273 ), 274 }, 275 276 { 277 Config: postConfig, 278 Check: resource.ComposeTestCheckFunc( 279 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 280 resource.TestCheckResourceAttr( 281 "aws_redshift_cluster.default", "number_of_nodes", "2"), 282 ), 283 }, 284 }, 285 }) 286 } 287 288 func TestAccAWSRedshiftCluster_tags(t *testing.T) { 289 var v redshift.Cluster 290 291 ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() 292 preConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_tags, ri) 293 postConfig := fmt.Sprintf(testAccAWSRedshiftClusterConfig_updatedTags, ri) 294 295 resource.Test(t, resource.TestCase{ 296 PreCheck: func() { testAccPreCheck(t) }, 297 Providers: testAccProviders, 298 CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, 299 Steps: []resource.TestStep{ 300 { 301 Config: preConfig, 302 Check: resource.ComposeTestCheckFunc( 303 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 304 resource.TestCheckResourceAttr( 305 "aws_redshift_cluster.default", "tags.%", "3"), 306 resource.TestCheckResourceAttr("aws_redshift_cluster.default", "tags.environment", "Production"), 307 ), 308 }, 309 310 { 311 Config: postConfig, 312 Check: resource.ComposeTestCheckFunc( 313 testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), 314 resource.TestCheckResourceAttr( 315 "aws_redshift_cluster.default", "tags.%", "1"), 316 resource.TestCheckResourceAttr("aws_redshift_cluster.default", "tags.environment", "Production"), 317 ), 318 }, 319 }, 320 }) 321 } 322 323 func testAccCheckAWSRedshiftClusterDestroy(s *terraform.State) error { 324 for _, rs := range s.RootModule().Resources { 325 if rs.Type != "aws_redshift_cluster" { 326 continue 327 } 328 329 // Try to find the Group 330 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 331 var err error 332 resp, err := conn.DescribeClusters( 333 &redshift.DescribeClustersInput{ 334 ClusterIdentifier: aws.String(rs.Primary.ID), 335 }) 336 337 if err == nil { 338 if len(resp.Clusters) != 0 && 339 *resp.Clusters[0].ClusterIdentifier == rs.Primary.ID { 340 return fmt.Errorf("Redshift Cluster %s still exists", rs.Primary.ID) 341 } 342 } 343 344 // Return nil if the cluster is already destroyed 345 if awsErr, ok := err.(awserr.Error); ok { 346 if awsErr.Code() == "ClusterNotFound" { 347 return nil 348 } 349 } 350 351 return err 352 } 353 354 return nil 355 } 356 357 func testAccCheckAWSRedshiftClusterSnapshot(rInt int) resource.TestCheckFunc { 358 return func(s *terraform.State) error { 359 for _, rs := range s.RootModule().Resources { 360 if rs.Type != "aws_redshift_cluster" { 361 continue 362 } 363 364 var err error 365 366 // Try and delete the snapshot before we check for the cluster not found 367 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 368 369 snapshot_identifier := fmt.Sprintf("tf-acctest-snapshot-%d", rInt) 370 arn, err := buildRedshiftARN(snapshot_identifier, testAccProvider.Meta().(*AWSClient).partition, testAccProvider.Meta().(*AWSClient).accountid, testAccProvider.Meta().(*AWSClient).region) 371 tagsARN := strings.Replace(arn, ":cluster:", ":snapshot:", 1) 372 if err != nil { 373 return fmt.Errorf("Error building ARN for tags check with ARN (%s): %s", tagsARN, err) 374 } 375 376 log.Printf("[INFO] Deleting the Snapshot %s", snapshot_identifier) 377 _, snapDeleteErr := conn.DeleteClusterSnapshot( 378 &redshift.DeleteClusterSnapshotInput{ 379 SnapshotIdentifier: aws.String(snapshot_identifier), 380 }) 381 if snapDeleteErr != nil { 382 return err 383 } 384 385 //lastly check that the Cluster is missing 386 resp, err := conn.DescribeClusters( 387 &redshift.DescribeClustersInput{ 388 ClusterIdentifier: aws.String(rs.Primary.ID), 389 }) 390 391 if err == nil { 392 if len(resp.Clusters) != 0 && 393 *resp.Clusters[0].ClusterIdentifier == rs.Primary.ID { 394 return fmt.Errorf("Redshift Cluster %s still exists", rs.Primary.ID) 395 } 396 } 397 398 // Return nil if the cluster is already destroyed 399 if awsErr, ok := err.(awserr.Error); ok { 400 if awsErr.Code() == "ClusterNotFound" { 401 return nil 402 } 403 404 return err 405 } 406 407 } 408 409 return nil 410 } 411 } 412 413 func testAccCheckAWSRedshiftClusterExists(n string, v *redshift.Cluster) resource.TestCheckFunc { 414 return func(s *terraform.State) error { 415 rs, ok := s.RootModule().Resources[n] 416 if !ok { 417 return fmt.Errorf("Not found: %s", n) 418 } 419 420 if rs.Primary.ID == "" { 421 return fmt.Errorf("No Redshift Cluster Instance ID is set") 422 } 423 424 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 425 resp, err := conn.DescribeClusters(&redshift.DescribeClustersInput{ 426 ClusterIdentifier: aws.String(rs.Primary.ID), 427 }) 428 429 if err != nil { 430 return err 431 } 432 433 for _, c := range resp.Clusters { 434 if *c.ClusterIdentifier == rs.Primary.ID { 435 *v = *c 436 return nil 437 } 438 } 439 440 return fmt.Errorf("Redshift Cluster (%s) not found", rs.Primary.ID) 441 } 442 } 443 444 func TestResourceAWSRedshiftClusterIdentifierValidation(t *testing.T) { 445 cases := []struct { 446 Value string 447 ErrCount int 448 }{ 449 { 450 Value: "tEsting", 451 ErrCount: 1, 452 }, 453 { 454 Value: "1testing", 455 ErrCount: 1, 456 }, 457 { 458 Value: "testing--123", 459 ErrCount: 1, 460 }, 461 { 462 Value: "testing!", 463 ErrCount: 1, 464 }, 465 { 466 Value: "testing-", 467 ErrCount: 1, 468 }, 469 } 470 471 for _, tc := range cases { 472 _, errors := validateRedshiftClusterIdentifier(tc.Value, "aws_redshift_cluster_identifier") 473 474 if len(errors) != tc.ErrCount { 475 t.Fatalf("Expected the Redshift Cluster cluster_identifier to trigger a validation error") 476 } 477 } 478 } 479 480 func TestResourceAWSRedshiftClusterFinalSnapshotIdentifierValidation(t *testing.T) { 481 cases := []struct { 482 Value string 483 ErrCount int 484 }{ 485 { 486 Value: "testing--123", 487 ErrCount: 1, 488 }, 489 { 490 Value: "testing-", 491 ErrCount: 1, 492 }, 493 { 494 Value: "Testingq123!", 495 ErrCount: 1, 496 }, 497 { 498 Value: randomString(256), 499 ErrCount: 1, 500 }, 501 } 502 503 for _, tc := range cases { 504 _, errors := validateRedshiftClusterFinalSnapshotIdentifier(tc.Value, "aws_redshift_cluster_final_snapshot_identifier") 505 506 if len(errors) != tc.ErrCount { 507 t.Fatalf("Expected the Redshift Cluster final_snapshot_identifier to trigger a validation error") 508 } 509 } 510 } 511 512 func TestResourceAWSRedshiftClusterMasterUsernameValidation(t *testing.T) { 513 cases := []struct { 514 Value string 515 ErrCount int 516 }{ 517 { 518 Value: "1Testing", 519 ErrCount: 1, 520 }, 521 { 522 Value: "Testing!!", 523 ErrCount: 1, 524 }, 525 { 526 Value: randomString(129), 527 ErrCount: 1, 528 }, 529 { 530 Value: "testing_testing123", 531 ErrCount: 0, 532 }, 533 } 534 535 for _, tc := range cases { 536 _, errors := validateRedshiftClusterMasterUsername(tc.Value, "aws_redshift_cluster_master_username") 537 538 if len(errors) != tc.ErrCount { 539 t.Fatalf("Expected the Redshift Cluster master_username to trigger a validation error") 540 } 541 } 542 } 543 544 func TestResourceAWSRedshiftClusterMasterPasswordValidation(t *testing.T) { 545 cases := []struct { 546 Value string 547 ErrCount int 548 }{ 549 { 550 Value: "1TESTING", 551 ErrCount: 1, 552 }, 553 { 554 Value: "1testing", 555 ErrCount: 1, 556 }, 557 { 558 Value: "TestTest", 559 ErrCount: 1, 560 }, 561 { 562 Value: "T3st", 563 ErrCount: 1, 564 }, 565 { 566 Value: "1Testing", 567 ErrCount: 0, 568 }, 569 { 570 Value: "1Testing@", 571 ErrCount: 1, 572 }, 573 } 574 575 for _, tc := range cases { 576 _, errors := validateRedshiftClusterMasterPassword(tc.Value, "aws_redshift_cluster_master_password") 577 578 if len(errors) != tc.ErrCount { 579 t.Fatalf("Expected the Redshift Cluster master_password to trigger a validation error") 580 } 581 } 582 } 583 584 var testAccAWSRedshiftClusterConfig_updateNodeCount = ` 585 resource "aws_redshift_cluster" "default" { 586 cluster_identifier = "tf-redshift-cluster-%d" 587 availability_zone = "us-west-2a" 588 database_name = "mydb" 589 master_username = "foo_test" 590 master_password = "Mustbe8characters" 591 node_type = "dc1.large" 592 automated_snapshot_retention_period = 0 593 allow_version_upgrade = false 594 number_of_nodes = 2 595 skip_final_snapshot = true 596 } 597 ` 598 599 var testAccAWSRedshiftClusterConfig_basic = ` 600 resource "aws_redshift_cluster" "default" { 601 cluster_identifier = "tf-redshift-cluster-%d" 602 availability_zone = "us-west-2a" 603 database_name = "mydb" 604 master_username = "foo_test" 605 master_password = "Mustbe8characters" 606 node_type = "dc1.large" 607 automated_snapshot_retention_period = 0 608 allow_version_upgrade = false 609 skip_final_snapshot = true 610 }` 611 612 func testAccAWSRedshiftClusterConfigWithFinalSnapshot(rInt int) string { 613 return fmt.Sprintf(` 614 resource "aws_redshift_cluster" "default" { 615 cluster_identifier = "tf-redshift-cluster-%d" 616 availability_zone = "us-west-2a" 617 database_name = "mydb" 618 master_username = "foo_test" 619 master_password = "Mustbe8characters" 620 node_type = "dc1.large" 621 automated_snapshot_retention_period = 0 622 allow_version_upgrade = false 623 skip_final_snapshot = false 624 final_snapshot_identifier = "tf-acctest-snapshot-%d" 625 }`, rInt, rInt) 626 } 627 628 var testAccAWSRedshiftClusterConfig_kmsKey = ` 629 resource "aws_kms_key" "foo" { 630 description = "Terraform acc test %d" 631 policy = <<POLICY 632 { 633 "Version": "2012-10-17", 634 "Id": "kms-tf-1", 635 "Statement": [ 636 { 637 "Sid": "Enable IAM User Permissions", 638 "Effect": "Allow", 639 "Principal": { 640 "AWS": "*" 641 }, 642 "Action": "kms:*", 643 "Resource": "*" 644 } 645 ] 646 } 647 POLICY 648 } 649 650 resource "aws_redshift_cluster" "default" { 651 cluster_identifier = "tf-redshift-cluster-%d" 652 availability_zone = "us-west-2a" 653 database_name = "mydb" 654 master_username = "foo_test" 655 master_password = "Mustbe8characters" 656 node_type = "dc1.large" 657 automated_snapshot_retention_period = 0 658 allow_version_upgrade = false 659 kms_key_id = "${aws_kms_key.foo.arn}" 660 encrypted = true 661 skip_final_snapshot = true 662 }` 663 664 var testAccAWSRedshiftClusterConfig_enhancedVpcRoutingEnabled = ` 665 resource "aws_redshift_cluster" "default" { 666 cluster_identifier = "tf-redshift-cluster-%d" 667 availability_zone = "us-west-2a" 668 database_name = "mydb" 669 master_username = "foo_test" 670 master_password = "Mustbe8characters" 671 node_type = "dc1.large" 672 automated_snapshot_retention_period = 0 673 allow_version_upgrade = false 674 enhanced_vpc_routing = true 675 skip_final_snapshot = true 676 } 677 ` 678 679 var testAccAWSRedshiftClusterConfig_enhancedVpcRoutingDisabled = ` 680 resource "aws_redshift_cluster" "default" { 681 cluster_identifier = "tf-redshift-cluster-%d" 682 availability_zone = "us-west-2a" 683 database_name = "mydb" 684 master_username = "foo_test" 685 master_password = "Mustbe8characters" 686 node_type = "dc1.large" 687 automated_snapshot_retention_period = 0 688 allow_version_upgrade = false 689 enhanced_vpc_routing = false 690 skip_final_snapshot = true 691 } 692 ` 693 694 func testAccAWSRedshiftClusterConfig_loggingDisabled(rInt int) string { 695 return fmt.Sprintf(` 696 resource "aws_redshift_cluster" "default" { 697 cluster_identifier = "tf-redshift-cluster-%d" 698 availability_zone = "us-west-2a" 699 database_name = "mydb" 700 master_username = "foo_test" 701 master_password = "Mustbe8characters" 702 node_type = "dc1.large" 703 automated_snapshot_retention_period = 0 704 allow_version_upgrade = false 705 enable_logging = false 706 }`, rInt) 707 } 708 709 func testAccAWSRedshiftClusterConfig_loggingEnabled(rInt int) string { 710 return fmt.Sprintf(` 711 resource "aws_s3_bucket" "bucket" { 712 bucket = "tf-redshift-logging-%d" 713 force_destroy = true 714 policy = <<EOF 715 { 716 "Version": "2008-10-17", 717 "Statement": [ 718 { 719 "Sid": "Stmt1376526643067", 720 "Effect": "Allow", 721 "Principal": { 722 "AWS": "arn:aws:iam::902366379725:user/logs" 723 }, 724 "Action": "s3:PutObject", 725 "Resource": "arn:aws:s3:::tf-redshift-logging-%d/*" 726 }, 727 { 728 "Sid": "Stmt137652664067", 729 "Effect": "Allow", 730 "Principal": { 731 "AWS": "arn:aws:iam::902366379725:user/logs" 732 }, 733 "Action": "s3:GetBucketAcl", 734 "Resource": "arn:aws:s3:::tf-redshift-logging-%d" 735 } 736 ] 737 } 738 EOF 739 } 740 741 742 resource "aws_redshift_cluster" "default" { 743 cluster_identifier = "tf-redshift-cluster-%d" 744 availability_zone = "us-west-2a" 745 database_name = "mydb" 746 master_username = "foo_test" 747 master_password = "Mustbe8characters" 748 node_type = "dc1.large" 749 automated_snapshot_retention_period = 0 750 allow_version_upgrade = false 751 enable_logging = true 752 bucket_name = "${aws_s3_bucket.bucket.bucket}" 753 skip_final_snapshot = true 754 }`, rInt, rInt, rInt, rInt) 755 } 756 757 var testAccAWSRedshiftClusterConfig_tags = ` 758 resource "aws_redshift_cluster" "default" { 759 cluster_identifier = "tf-redshift-cluster-%d" 760 availability_zone = "us-west-2a" 761 database_name = "mydb" 762 master_username = "foo" 763 master_password = "Mustbe8characters" 764 node_type = "dc1.large" 765 automated_snapshot_retention_period = 7 766 allow_version_upgrade = false 767 skip_final_snapshot = true 768 tags { 769 environment = "Production" 770 cluster = "reader" 771 Type = "master" 772 } 773 }` 774 775 var testAccAWSRedshiftClusterConfig_updatedTags = ` 776 resource "aws_redshift_cluster" "default" { 777 cluster_identifier = "tf-redshift-cluster-%d" 778 availability_zone = "us-west-2a" 779 database_name = "mydb" 780 master_username = "foo" 781 master_password = "Mustbe8characters" 782 node_type = "dc1.large" 783 automated_snapshot_retention_period = 7 784 allow_version_upgrade = false 785 skip_final_snapshot = true 786 tags { 787 environment = "Production" 788 } 789 }` 790 791 func testAccAWSRedshiftClusterConfig_notPubliclyAccessible(rInt int) string { 792 return fmt.Sprintf(` 793 resource "aws_vpc" "foo" { 794 cidr_block = "10.1.0.0/16" 795 } 796 resource "aws_internet_gateway" "foo" { 797 vpc_id = "${aws_vpc.foo.id}" 798 tags { 799 foo = "bar" 800 } 801 } 802 resource "aws_subnet" "foo" { 803 cidr_block = "10.1.1.0/24" 804 availability_zone = "us-west-2a" 805 vpc_id = "${aws_vpc.foo.id}" 806 tags { 807 Name = "tf-dbsubnet-test-1" 808 } 809 } 810 resource "aws_subnet" "bar" { 811 cidr_block = "10.1.2.0/24" 812 availability_zone = "us-west-2b" 813 vpc_id = "${aws_vpc.foo.id}" 814 tags { 815 Name = "tf-dbsubnet-test-2" 816 } 817 } 818 resource "aws_subnet" "foobar" { 819 cidr_block = "10.1.3.0/24" 820 availability_zone = "us-west-2c" 821 vpc_id = "${aws_vpc.foo.id}" 822 tags { 823 Name = "tf-dbsubnet-test-3" 824 } 825 } 826 resource "aws_redshift_subnet_group" "foo" { 827 name = "foo-%d" 828 description = "foo description" 829 subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}", "${aws_subnet.foobar.id}"] 830 } 831 resource "aws_redshift_cluster" "default" { 832 cluster_identifier = "tf-redshift-cluster-%d" 833 availability_zone = "us-west-2a" 834 database_name = "mydb" 835 master_username = "foo" 836 master_password = "Mustbe8characters" 837 node_type = "dc1.large" 838 automated_snapshot_retention_period = 0 839 allow_version_upgrade = false 840 cluster_subnet_group_name = "${aws_redshift_subnet_group.foo.name}" 841 publicly_accessible = false 842 skip_final_snapshot = true 843 }`, rInt, rInt) 844 } 845 846 func testAccAWSRedshiftClusterConfig_updatePubliclyAccessible(rInt int) string { 847 return fmt.Sprintf(` 848 resource "aws_vpc" "foo" { 849 cidr_block = "10.1.0.0/16" 850 } 851 resource "aws_internet_gateway" "foo" { 852 vpc_id = "${aws_vpc.foo.id}" 853 tags { 854 foo = "bar" 855 } 856 } 857 resource "aws_subnet" "foo" { 858 cidr_block = "10.1.1.0/24" 859 availability_zone = "us-west-2a" 860 vpc_id = "${aws_vpc.foo.id}" 861 tags { 862 Name = "tf-dbsubnet-test-1" 863 } 864 } 865 resource "aws_subnet" "bar" { 866 cidr_block = "10.1.2.0/24" 867 availability_zone = "us-west-2b" 868 vpc_id = "${aws_vpc.foo.id}" 869 tags { 870 Name = "tf-dbsubnet-test-2" 871 } 872 } 873 resource "aws_subnet" "foobar" { 874 cidr_block = "10.1.3.0/24" 875 availability_zone = "us-west-2c" 876 vpc_id = "${aws_vpc.foo.id}" 877 tags { 878 Name = "tf-dbsubnet-test-3" 879 } 880 } 881 resource "aws_redshift_subnet_group" "foo" { 882 name = "foo-%d" 883 description = "foo description" 884 subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}", "${aws_subnet.foobar.id}"] 885 } 886 resource "aws_redshift_cluster" "default" { 887 cluster_identifier = "tf-redshift-cluster-%d" 888 availability_zone = "us-west-2a" 889 database_name = "mydb" 890 master_username = "foo" 891 master_password = "Mustbe8characters" 892 node_type = "dc1.large" 893 automated_snapshot_retention_period = 0 894 allow_version_upgrade = false 895 cluster_subnet_group_name = "${aws_redshift_subnet_group.foo.name}" 896 publicly_accessible = true 897 skip_final_snapshot = true 898 }`, rInt, rInt) 899 } 900 901 var testAccAWSRedshiftClusterConfig_iamRoles = ` 902 resource "aws_iam_role" "ec2-role" { 903 name = "test-role-ec2-%d" 904 path = "/" 905 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 906 } 907 908 resource "aws_iam_role" "lambda-role" { 909 name = "test-role-lambda-%d" 910 path = "/" 911 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"lambda.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 912 } 913 914 resource "aws_redshift_cluster" "default" { 915 cluster_identifier = "tf-redshift-cluster-%d" 916 availability_zone = "us-west-2a" 917 database_name = "mydb" 918 master_username = "foo_test" 919 master_password = "Mustbe8characters" 920 node_type = "dc1.large" 921 automated_snapshot_retention_period = 0 922 allow_version_upgrade = false 923 iam_roles = ["${aws_iam_role.ec2-role.arn}", "${aws_iam_role.lambda-role.arn}"] 924 skip_final_snapshot = true 925 }` 926 927 var testAccAWSRedshiftClusterConfig_updateIamRoles = ` 928 resource "aws_iam_role" "ec2-role" { 929 name = "test-role-ec2-%d" 930 path = "/" 931 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 932 } 933 934 resource "aws_iam_role" "lambda-role" { 935 name = "test-role-lambda-%d" 936 path = "/" 937 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"lambda.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 938 } 939 940 resource "aws_redshift_cluster" "default" { 941 cluster_identifier = "tf-redshift-cluster-%d" 942 availability_zone = "us-west-2a" 943 database_name = "mydb" 944 master_username = "foo_test" 945 master_password = "Mustbe8characters" 946 node_type = "dc1.large" 947 automated_snapshot_retention_period = 0 948 allow_version_upgrade = false 949 iam_roles = ["${aws_iam_role.ec2-role.arn}"] 950 skip_final_snapshot = true 951 }`