mirror of
https://github.com/opentofu/opentofu.git
synced 2025-01-26 00:16:25 -06:00
Merge branch 'mbrannigan-feature/add_password_validation_redshift_cluster'
This commit is contained in:
commit
7389dca606
@ -56,9 +56,10 @@ func resourceAwsRedshiftCluster() *schema.Resource {
|
||||
},
|
||||
|
||||
"master_password": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
Sensitive: true,
|
||||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
Sensitive: true,
|
||||
ValidateFunc: validateRedshiftClusterMasterPassword,
|
||||
},
|
||||
|
||||
"cluster_security_groups": &schema.Schema{
|
||||
@ -873,6 +874,26 @@ func validateRedshiftClusterMasterUsername(v interface{}, k string) (ws []string
|
||||
return
|
||||
}
|
||||
|
||||
func validateRedshiftClusterMasterPassword(v interface{}, k string) (ws []string, errors []error) {
|
||||
value := v.(string)
|
||||
if !regexp.MustCompile(`^.*[a-z].*`).MatchString(value) {
|
||||
errors = append(errors, fmt.Errorf(
|
||||
"%q must contain at least one lowercase letter", k))
|
||||
}
|
||||
if !regexp.MustCompile(`^.*[A-Z].*`).MatchString(value) {
|
||||
errors = append(errors, fmt.Errorf(
|
||||
"%q must contain at least one uppercase letter", k))
|
||||
}
|
||||
if !regexp.MustCompile(`^.*[0-9].*`).MatchString(value) {
|
||||
errors = append(errors, fmt.Errorf(
|
||||
"%q must contain at least one number", k))
|
||||
}
|
||||
if len(value) < 8 {
|
||||
errors = append(errors, fmt.Errorf("%q must be at least 8 characters", k))
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func buildRedshiftARN(identifier, accountid, region string) (string, error) {
|
||||
if accountid == "" {
|
||||
return "", fmt.Errorf("Unable to construct cluster ARN because of missing AWS Account ID")
|
||||
|
@ -408,6 +408,42 @@ func TestResourceAWSRedshiftClusterMasterUsernameValidation(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestResourceAWSRedshiftClusterMasterPasswordValidation(t *testing.T) {
|
||||
cases := []struct {
|
||||
Value string
|
||||
ErrCount int
|
||||
}{
|
||||
{
|
||||
Value: "1TESTING",
|
||||
ErrCount: 1,
|
||||
},
|
||||
{
|
||||
Value: "1testing",
|
||||
ErrCount: 1,
|
||||
},
|
||||
{
|
||||
Value: "TestTest",
|
||||
ErrCount: 1,
|
||||
},
|
||||
{
|
||||
Value: "T3st",
|
||||
ErrCount: 1,
|
||||
},
|
||||
{
|
||||
Value: "1Testing",
|
||||
ErrCount: 0,
|
||||
},
|
||||
}
|
||||
|
||||
for _, tc := range cases {
|
||||
_, errors := validateRedshiftClusterMasterPassword(tc.Value, "aws_redshift_cluster_master_password")
|
||||
|
||||
if len(errors) != tc.ErrCount {
|
||||
t.Fatalf("Expected the Redshift Cluster master_password to trigger a validation error")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
var testAccAWSRedshiftClusterConfig_updateNodeCount = `
|
||||
resource "aws_redshift_cluster" "default" {
|
||||
cluster_identifier = "tf-redshift-cluster-%d"
|
||||
|
@ -32,9 +32,10 @@ The following arguments are supported:
|
||||
string.
|
||||
* `database_name` - (Optional) The name of the first database to be created when the cluster is created.
|
||||
If you do not provide a name, Amazon Redshift will create a default database called `dev`.
|
||||
* `node_type` - (Optional) The node type to be provisioned for the cluster.
|
||||
* `master_password` - (Optional) Password for the master DB user. Note that this may
|
||||
show up in logs, and it will be stored in the state file
|
||||
* `node_type` - (Required) The node type to be provisioned for the cluster.
|
||||
* `master_password` - (Optinal) Password for the master DB user. Note that this may
|
||||
show up in logs, and it will be stored in the state file. Password must contain at least 8 chars and
|
||||
contain at least one uppercase letter, one lowercase letter, and one number.
|
||||
* `master_username` - (Required) Username for the master DB user
|
||||
* `cluster_security_groups` - (Optional) A list of security groups to be associated with this cluster.
|
||||
* `vpc_security_group_ids` - (Optional) A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.
|
||||
@ -61,8 +62,6 @@ string.
|
||||
* `bucket_name` - (Optional, required when `enable_logging` is `true`) The name of an existing S3 bucket where the log files are to be stored. Must be in the same region as the cluster and the cluster must have read bucket and put object permissions.
|
||||
For more information on the permissions required for the bucket, please read the AWS [documentation](http://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html#db-auditing-enable-logging)
|
||||
* `s3_key_prefix` - (Optional) The prefix applied to the log file names.
|
||||
* `snapshot_identifier` - (Optional) The name of the snapshot from which to create the new cluster.
|
||||
* `snapshot_cluster_identifier` - (Optional) The name of the cluster the source snapshot was created from. This parameter is required if your IAM user has a policy containing a snapshot resource element that specifies anything other than * for the cluster name.
|
||||
* `tags` - (Optional) A mapping of tags to assign to the resource.
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user