diff --git a/builtin/providers/aws/resource_aws_redshift_cluster.go b/builtin/providers/aws/resource_aws_redshift_cluster.go index de1991ba7..ef1807612 100644 --- a/builtin/providers/aws/resource_aws_redshift_cluster.go +++ b/builtin/providers/aws/resource_aws_redshift_cluster.go @@ -146,6 +146,7 @@ func resourceAwsRedshiftCluster() *schema.Resource { Type: schema.TypeBool, Optional: true, ForceNew: true, + Default: true, }, "encrypted": &schema.Schema{ @@ -205,6 +206,7 @@ func resourceAwsRedshiftClusterCreate(d *schema.ResourceData, meta interface{}) NodeType: aws.String(d.Get("node_type").(string)), DBName: aws.String(d.Get("database_name").(string)), AllowVersionUpgrade: aws.Bool(d.Get("allow_version_upgrade").(bool)), + PubliclyAccessible: aws.Bool(d.Get("publicly_accessible").(bool)), } if v := d.Get("number_of_nodes").(int); v > 1 { @@ -242,10 +244,6 @@ func resourceAwsRedshiftClusterCreate(d *schema.ResourceData, meta interface{}) createOpts.AutomatedSnapshotRetentionPeriod = aws.Int64(int64(v.(int))) } - if v, ok := d.GetOk("publicly_accessible"); ok { - createOpts.PubliclyAccessible = aws.Bool(v.(bool)) - } - if v, ok := d.GetOk("encrypted"); ok { createOpts.Encrypted = aws.Bool(v.(bool)) } diff --git a/builtin/providers/aws/resource_aws_redshift_cluster_test.go b/builtin/providers/aws/resource_aws_redshift_cluster_test.go index c383b8849..eb4004a1e 100644 --- a/builtin/providers/aws/resource_aws_redshift_cluster_test.go +++ b/builtin/providers/aws/resource_aws_redshift_cluster_test.go @@ -30,6 +30,31 @@ func TestAccAWSRedshiftCluster_basic(t *testing.T) { testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), resource.TestCheckResourceAttr( "aws_redshift_cluster.default", "cluster_type", "single-node"), + resource.TestCheckResourceAttr( + "aws_redshift_cluster.default", "publicly_accessible", "true"), + ), + }, + }, + }) +} + +func TestAccAWSRedshiftCluster_notPubliclyAccessible(t *testing.T) { + var v redshift.Cluster + + ri := rand.New(rand.NewSource(time.Now().UnixNano())).Int() + config := fmt.Sprintf(testAccAWSRedshiftClusterConfig_notPubliclyAccessible, ri) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: config, + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), + resource.TestCheckResourceAttr( + "aws_redshift_cluster.default", "publicly_accessible", "false"), ), }, }, @@ -248,3 +273,65 @@ resource "aws_redshift_cluster" "default" { automated_snapshot_retention_period = 7 allow_version_upgrade = false }` + +var testAccAWSRedshiftClusterConfig_notPubliclyAccessible = ` +provider "aws" { + region = "us-west-2" +} + +resource "aws_vpc" "foo" { + cidr_block = "10.1.0.0/16" +} + +resource "aws_internet_gateway" "foo" { + vpc_id = "${aws_vpc.foo.id}" + tags { + foo = "bar" + } +} + +resource "aws_subnet" "foo" { + cidr_block = "10.1.1.0/24" + availability_zone = "us-west-2a" + vpc_id = "${aws_vpc.foo.id}" + tags { + Name = "tf-dbsubnet-test-1" + } +} + +resource "aws_subnet" "bar" { + cidr_block = "10.1.2.0/24" + availability_zone = "us-west-2b" + vpc_id = "${aws_vpc.foo.id}" + tags { + Name = "tf-dbsubnet-test-2" + } +} + +resource "aws_subnet" "foobar" { + cidr_block = "10.1.3.0/24" + availability_zone = "us-west-2c" + vpc_id = "${aws_vpc.foo.id}" + tags { + Name = "tf-dbsubnet-test-3" + } +} + +resource "aws_redshift_subnet_group" "foo" { + name = "foo" + description = "foo description" + subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}", "${aws_subnet.foobar.id}"] +} + +resource "aws_redshift_cluster" "default" { + cluster_identifier = "tf-redshift-cluster-%d" + availability_zone = "us-west-2a" + database_name = "mydb" + master_username = "foo" + master_password = "Mustbe8characters" + node_type = "dc1.large" + automated_snapshot_retention_period = 7 + allow_version_upgrade = false + cluster_subnet_group_name = "${aws_redshift_subnet_group.foo.name}" + publicly_accessible = false +}` diff --git a/website/source/docs/providers/aws/r/redshift_cluster.html.markdown b/website/source/docs/providers/aws/r/redshift_cluster.html.markdown index 4657abcf5..da82ef3a3 100644 --- a/website/source/docs/providers/aws/r/redshift_cluster.html.markdown +++ b/website/source/docs/providers/aws/r/redshift_cluster.html.markdown @@ -50,7 +50,7 @@ string. The version selected runs on all the nodes in the cluster. * `allow_version_upgrade` - (Optional) If true , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster. Default is true * `number_of_nodes` - (Optional) The number of compute nodes in the cluster. This parameter is required when the ClusterType parameter is specified as multi-node. Default is 1. -* `publicly_accessible` - (Optional) If true , the cluster can be accessed from a public network. +* `publicly_accessible` - (Optional) If true, the cluster can be accessed from a public network. Default is `true`. * `encrypted` - (Optional) If true , the data in the cluster is encrypted at rest. * `elastic_ip` - (Optional) The Elastic IP (EIP) address for the cluster. * `skip_final_snapshot` - (Optional) Determines whether a final snapshot of the cluster is created before Amazon Redshift deletes the cluster. If true , a final cluster snapshot is not created. If false , a final cluster snapshot is created before the cluster is deleted. Default is true.