You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+7-5Lines changed: 7 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -253,7 +253,7 @@ No modules.
253
253
| <aname="input_database_name"></a> [database\_name](#input\_database\_name)| The name of the first database to be created when the cluster is created. If you do not provide a name, Amazon Redshift will create a default database called `dev`|`string`|`null`| no |
254
254
| <aname="input_default_iam_role_arn"></a> [default\_iam\_role\_arn](#input\_default\_iam\_role\_arn)| The Amazon Resource Name (ARN) for the IAM role that was set as default for the cluster when the cluster was created |`string`|`null`| no |
255
255
| <aname="input_elastic_ip"></a> [elastic\_ip](#input\_elastic\_ip)| The Elastic IP (EIP) address for the cluster |`string`|`null`| no |
256
-
| <aname="input_encrypted"></a> [encrypted](#input\_encrypted)| If `true`, the data in the cluster is encrypted at rest |`bool`|`true`| no |
256
+
| <aname="input_encrypted"></a> [encrypted](#input\_encrypted)| If `true`, the data in the cluster is encrypted at rest |`bool`|`null`| no |
257
257
| <aname="input_endpoint_access"></a> [endpoint\_access](#input\_endpoint\_access)| Map of endpoint access (managed VPC endpoint) definitions to create | <pre>map(object({<br/> name = optional(string) # Will fall back to key if not set<br/> resource_owner = optional(string)<br/> subnet_group_name = string<br/> vpc_security_group_ids = optional(list(string))<br/> }))</pre> |`{}`| no |
258
258
| <aname="input_enhanced_vpc_routing"></a> [enhanced\_vpc\_routing](#input\_enhanced\_vpc\_routing)| If `true`, enhanced VPC routing is enabled |`bool`|`null`| no |
259
259
| <aname="input_final_snapshot_identifier"></a> [final\_snapshot\_identifier](#input\_final\_snapshot\_identifier)| The identifier of the final snapshot that is to be created immediately before deleting the cluster. If this parameter is provided, `skip_final_snapshot` must be `false`|`string`|`null`| no |
@@ -270,13 +270,14 @@ No modules.
270
270
| <aname="input_manage_master_password"></a> [manage\_master\_password](#input\_manage\_master\_password)| Whether to use AWS SecretsManager to manage the cluster admin credentials. Conflicts with `master_password`. One of `master_password` or `manage_master_password` is required unless `snapshot_identifier` is provided |`bool`|`false`| no |
271
271
| <aname="input_manage_master_password_rotation"></a> [manage\_master\_password\_rotation](#input\_manage\_master\_password\_rotation)| Whether to manage the master user password rotation. Setting this value to false after previously having been set to true will disable automatic rotation |`bool`|`false`| no |
272
272
| <aname="input_manual_snapshot_retention_period"></a> [manual\_snapshot\_retention\_period](#input\_manual\_snapshot\_retention\_period)| The default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots. Valid values are between `-1` and `3653`. Default value is `-1`|`number`|`null`| no |
273
-
| <aname="input_master_password"></a> [master\_password](#input\_master\_password)| Password for the master DB user. (Required unless a `snapshot_identifier` is provided). Must contain at least 8 chars, one uppercase letter, one lowercase letter, and one number |`string`|`null`| no |
274
273
| <aname="input_master_password_rotate_immediately"></a> [master\_password\_rotate\_immediately](#input\_master\_password\_rotate\_immediately)| Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window |`bool`|`null`| no |
275
274
| <aname="input_master_password_rotation_automatically_after_days"></a> [master\_password\_rotation\_automatically\_after\_days](#input\_master\_password\_rotation\_automatically\_after\_days)| Specifies the number of days between automatic scheduled rotations of the secret. Either `master_user_password_rotation_automatically_after_days` or `master_user_password_rotation_schedule_expression` must be specified |`number`|`null`| no |
276
275
| <aname="input_master_password_rotation_duration"></a> [master\_password\_rotation\_duration](#input\_master\_password\_rotation\_duration)| The length of the rotation window in hours. For example, 3h for a three hour window |`string`|`null`| no |
277
276
| <aname="input_master_password_rotation_schedule_expression"></a> [master\_password\_rotation\_schedule\_expression](#input\_master\_password\_rotation\_schedule\_expression)| A cron() or rate() expression that defines the schedule for rotating your secret. Either `master_user_password_rotation_automatically_after_days` or `master_user_password_rotation_schedule_expression` must be specified |`string`|`null`| no |
278
277
| <aname="input_master_password_secret_kms_key_id"></a> [master\_password\_secret\_kms\_key\_id](#input\_master\_password\_secret\_kms\_key\_id)| ID of the KMS key used to encrypt the cluster admin credentials secret |`string`|`null`| no |
279
-
| <aname="input_master_username"></a> [master\_username](#input\_master\_username)| Username for the master DB user (Required unless a `snapshot_identifier` is provided). Defaults to `awsuser`|`string`|`"awsuser"`| no |
278
+
| <aname="input_master_password_wo"></a> [master\_password\_wo](#input\_master\_password\_wo)| Password for the master DB user. Must contain at least 8 chars, one uppercase letter, one lowercase letter, and one number |`string`|`null`| no |
279
+
| <aname="input_master_password_wo_version"></a> [master\_password\_wo\_version](#input\_master\_password\_wo\_version)| Used together with `master_password_wo` to trigger an update. Increment this value when an update to the `master_password_wo` is required |`string`|`null`| no |
280
+
| <aname="input_master_username"></a> [master\_username](#input\_master\_username)| Username for the master DB user. Defaults to `awsuser`|`string`|`"awsuser"`| no |
280
281
| <aname="input_multi_az"></a> [multi\_az](#input\_multi\_az)| Specifies if the Redshift cluster is multi-AZ |`bool`|`null`| no |
281
282
| <aname="input_node_type"></a> [node\_type](#input\_node\_type)| The node type to be provisioned for the cluster |`string`|`""`| no |
282
283
| <aname="input_number_of_nodes"></a> [number\_of\_nodes](#input\_number\_of\_nodes)| Number of nodes in the cluster. Defaults to 1. Note: values greater than 1 will trigger `cluster_type` to switch to `multi-node`|`number`|`1`| no |
@@ -288,7 +289,7 @@ No modules.
288
289
| <aname="input_parameter_group_tags"></a> [parameter\_group\_tags](#input\_parameter\_group\_tags)| Additional tags to add to the parameter group |`map(string)`|`{}`| no |
289
290
| <aname="input_port"></a> [port](#input\_port)| The port number on which the cluster accepts incoming connections. Default port is `5439`|`number`|`5439`| no |
290
291
| <aname="input_preferred_maintenance_window"></a> [preferred\_maintenance\_window](#input\_preferred\_maintenance\_window)| The weekly time range (in UTC) during which automated cluster maintenance can occur. Format: `ddd:hh24:mi-ddd:hh24:mi`|`string`|`"sat:10:00-sat:10:30"`| no |
291
-
| <aname="input_publicly_accessible"></a> [publicly\_accessible](#input\_publicly\_accessible)| If true, the cluster can be accessed from a public network |`bool`|`false`| no |
292
+
| <aname="input_publicly_accessible"></a> [publicly\_accessible](#input\_publicly\_accessible)| If true, the cluster can be accessed from a public network |`bool`|`null`| no |
292
293
| <aname="input_region"></a> [region](#input\_region)| Region where the resource(s) will be managed. Defaults to the Region set in the provider configuration |`string`|`null`| no |
293
294
| <aname="input_scheduled_actions"></a> [scheduled\_actions](#input\_scheduled\_actions)| Map of scheduled action definitions to create | <pre>map(object({<br/> name = optional(string) # Will fall back to key if not set<br/> description = optional(string)<br/> enable = optional(bool)<br/> start_time = optional(string)<br/> end_time = optional(string)<br/> schedule = string<br/> iam_role = optional(string)<br/> target_action = object({<br/> pause_cluster = optional(bool, false)<br/> resize_cluster = optional(object({<br/> classic = optional(bool)<br/> cluster_type = optional(string)<br/> node_type = optional(string)<br/> number_of_nodes = optional(number)<br/> }))<br/> resume_cluster = optional(bool, false)<br/> })<br/> }))</pre> |`{}`| no |
294
295
| <aname="input_security_group_description"></a> [security\_group\_description](#input\_security\_group\_description)| The description of the security group. If value is set to empty string it will contain cluster name in the description |`string`|`null`| no |
@@ -298,9 +299,10 @@ No modules.
298
299
| <aname="input_security_group_tags"></a> [security\_group\_tags](#input\_security\_group\_tags)| Additional tags for the security group |`map(string)`|`{}`| no |
299
300
| <aname="input_security_group_use_name_prefix"></a> [security\_group\_use\_name\_prefix](#input\_security\_group\_use\_name\_prefix)| Determines whether the security group name (`security_group_name`) is used as a prefix |`bool`|`true`| no |
300
301
| <aname="input_skip_final_snapshot"></a> [skip\_final\_snapshot](#input\_skip\_final\_snapshot)| Determines whether a final snapshot of the cluster is created before Redshift deletes the cluster. If true, a final cluster snapshot is not created. If false , a final cluster snapshot is created before the cluster is deleted |`bool`|`true`| no |
302
+
| <aname="input_snapshot_arn"></a> [snapshot\_arn](#input\_snapshot\_arn)| The ARN of the snapshot from which to create the new cluster. Conflicts with `snapshot_identifier`|`string`|`null`| no |
301
303
| <aname="input_snapshot_cluster_identifier"></a> [snapshot\_cluster\_identifier](#input\_snapshot\_cluster\_identifier)| The name of the cluster the source snapshot was created from |`string`|`null`| no |
302
304
| <aname="input_snapshot_copy"></a> [snapshot\_copy](#input\_snapshot\_copy)| Configuration of automatic copy of snapshots from one region to another | <pre>object({<br/> destination_region = string<br/> manual_snapshot_retention_period = optional(number)<br/> retention_period = optional(number)<br/> grant_name = optional(string)<br/> })</pre> |`null`| no |
303
-
| <aname="input_snapshot_identifier"></a> [snapshot\_identifier](#input\_snapshot\_identifier)| The name of the snapshot from which to create the new cluster |`string`|`null`| no |
305
+
| <aname="input_snapshot_identifier"></a> [snapshot\_identifier](#input\_snapshot\_identifier)| The name of the snapshot from which to create the new cluster. Conflicts with `snapshot_arn`|`string`|`null`| no |
304
306
| <aname="input_snapshot_schedule"></a> [snapshot\_schedule](#input\_snapshot\_schedule)| Configuration for creating a snapshot schedule and associating it with the cluster | <pre>object({<br/> definitions = list(string)<br/> description = optional(string)<br/> force_destroy = optional(bool)<br/> use_prefix = optional(bool, false)<br/> identifier = optional(string)<br/> tags = optional(map(string), {})<br/> })</pre> |`null`| no |
305
307
| <aname="input_subnet_group_description"></a> [subnet\_group\_description](#input\_subnet\_group\_description)| The description of the Redshift Subnet group. Defaults to `Managed by Terraform`|`string`|`null`| no |
306
308
| <aname="input_subnet_group_name"></a> [subnet\_group\_name](#input\_subnet\_group\_name)| The name of the Redshift subnet group, existing or to be created |`string`|`null`| no |
Copy file name to clipboardExpand all lines: docs/UPGRADE-7.0.md
+3-1Lines changed: 3 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -7,6 +7,7 @@ Please consult the `examples` directory for reference example configurations. If
7
7
- Terraform `v1.11` is now minimum supported version to support write-only (`wo_*`) attributes.
8
8
- AWS provider `v6.18` is now minimum supported version
9
9
- The ability for the module to create a random password has been removed in order to ensure passwords are not stored in plain text within the state file. Users must now provide their own password via the `master_password_wo` variable.
10
+
-`master_password` is no longer supported and only the write-only equivalent is supported (`master_password_wo` and `master_password_wo_version`)
10
11
11
12
## Additional changes
12
13
@@ -47,7 +48,7 @@ Please consult the `examples` directory for reference example configurations. If
47
48
48
49
2. Renamed variables:
49
50
50
-
-
51
+
-`master_password` -> `master_password_wo`
51
52
52
53
3. Added variables:
53
54
@@ -59,6 +60,7 @@ Please consult the `examples` directory for reference example configurations. If
0 commit comments