Add password validation rules for redshift passwords
This commit is contained in:
Mike Brannigan
parent
78481341f6
commit
aad01a665c
|
|
@ -56,8 +56,9 @@ func resourceAwsRedshiftCluster() *schema.Resource {
|
||||||
},
|
},
|
||||||
|
|
||||||
"master_password": &schema.Schema{
|
"master_password": &schema.Schema{
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
Required: true,
|
Required: true,
|
||||||
|
ValidateFunc: validateRedshiftClusterMasterPassword,
|
||||||
},
|
},
|
||||||
|
|
||||||
"cluster_security_groups": &schema.Schema{
|
"cluster_security_groups": &schema.Schema{
|
||||||
|
|
@ -800,6 +801,26 @@ func validateRedshiftClusterMasterUsername(v interface{}, k string) (ws []string
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func validateRedshiftClusterMasterPassword(v interface{}, k string) (ws []string, errors []error) {
|
||||||
|
value := v.(string)
|
||||||
|
if !regexp.MustCompile(`^.*[a-z].*`).MatchString(value) {
|
||||||
|
errors = append(errors, fmt.Errorf(
|
||||||
|
"%q must contain at least one lowercase letter", k))
|
||||||
|
}
|
||||||
|
if !regexp.MustCompile(`^.*[A-Z].*`).MatchString(value) {
|
||||||
|
errors = append(errors, fmt.Errorf(
|
||||||
|
"%q must contain at least one uppercase letter", k))
|
||||||
|
}
|
||||||
|
if !regexp.MustCompile(`^.*[0-9].*`).MatchString(value) {
|
||||||
|
errors = append(errors, fmt.Errorf(
|
||||||
|
"%q must contain at least one number", k))
|
||||||
|
}
|
||||||
|
if len(value) < 8 {
|
||||||
|
errors = append(errors, fmt.Errorf("%q must be more than 8 characters", k))
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
func buildRedshiftARN(identifier, accountid, region string) (string, error) {
|
func buildRedshiftARN(identifier, accountid, region string) (string, error) {
|
||||||
if accountid == "" {
|
if accountid == "" {
|
||||||
return "", fmt.Errorf("Unable to construct cluster ARN because of missing AWS Account ID")
|
return "", fmt.Errorf("Unable to construct cluster ARN because of missing AWS Account ID")
|
||||||
|
|
|
||||||
|
|
@ -408,6 +408,44 @@ func TestResourceAWSRedshiftClusterMasterUsernameValidation(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestResourceAWSRedshiftClusterMasterPasswordValidation(t *testing.T) {
|
||||||
|
cases := []struct {
|
||||||
|
Value string
|
||||||
|
ErrCount int
|
||||||
|
}{
|
||||||
|
{
|
||||||
|
Value: "1TESTING",
|
||||||
|
ErrCount: 1,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Value: "1testing",
|
||||||
|
ErrCount: 1,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Value: "TestTest",
|
||||||
|
ErrCount: 1,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Value: "T3st",
|
||||||
|
ErrCount: 1,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Value: "1Testing",
|
||||||
|
ErrCount: 0,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, tc := range cases {
|
||||||
|
fmt.Printf("Test Case Value: %s\n", tc.Value)
|
||||||
|
_, errors := validateRedshiftClusterMasterPassword(tc.Value, "aws_redshift_cluster_master_password")
|
||||||
|
fmt.Printf("Expected: %d and found %d\n", tc.ErrCount, len(errors))
|
||||||
|
|
||||||
|
if len(errors) != tc.ErrCount {
|
||||||
|
t.Fatalf("Expected the Redshift Cluster master_password to trigger a validation error")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
var testAccAWSRedshiftClusterConfig_updateNodeCount = `
|
var testAccAWSRedshiftClusterConfig_updateNodeCount = `
|
||||||
resource "aws_redshift_cluster" "default" {
|
resource "aws_redshift_cluster" "default" {
|
||||||
cluster_identifier = "tf-redshift-cluster-%d"
|
cluster_identifier = "tf-redshift-cluster-%d"
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue