Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(redshift): add publiclyAccessible prop #11162

Merged
merged 5 commits into from
Oct 29, 2020
Merged

feat(redshift): add publiclyAccessible prop #11162

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
ec159bc
feat(redshift): add publiclyAccessible prop
alex9311 Oct 27, 2020
28ff5ca
feat(redshift): add publiclyAccessible prop test
alex9311 Oct 28, 2020
4cf834c
feat(redshift): add publiclyAccessible prop code review suggestions
alex9311 Oct 28, 2020
2e79e9e
Merge branch 'master' into patch-1
alex9311 Oct 28, 2020
2d24de0
Merge branch 'master' into patch-1
mergify[bot] Oct 29, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions packages/@aws-cdk/aws-redshift/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,9 @@ By default, the master password will be generated and stored in AWS Secrets Mana

A default database named `default_db` will be created in the cluster. To change the name of this database set the `defaultDatabaseName` attribute in the constructor properties.

By default, the cluster will not be publicly accessible.
Depending on your use case, you can make the cluster publicly accessible with the `publiclyAccessible` property.

### Connecting

To control who can access the cluster, use the `.connections` attribute. Redshift Clusters have
Expand Down
9 changes: 8 additions & 1 deletion packages/@aws-cdk/aws-redshift/lib/cluster.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -307,6 +307,13 @@ export interface ClusterProps {
* @default RemovalPolicy.RETAIN
*/
readonly removalPolicy?: RemovalPolicy

/**
* Whether to make cluster publicly accessible.
*
* @default false
*/
readonly publiclyAccessible?: boolean
}

/**
Expand Down Expand Up @@ -469,7 +476,7 @@ export class Cluster extends ClusterBase {
loggingProperties,
iamRoles: props.roles ? props.roles.map(role => role.roleArn) : undefined,
dbName: props.defaultDatabaseName || 'default_db',
publiclyAccessible: false,
publiclyAccessible: props.publiclyAccessible || false,
// Encryption
kmsKeyId: props.encryptionKey && props.encryptionKey.keyArn,
encrypted: props.encrypted !== undefined ? props.encrypted : true,
Expand Down
18 changes: 18 additions & 0 deletions packages/@aws-cdk/aws-redshift/test/cluster.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -257,6 +257,24 @@ test('cluster with parameter group', () => {

});

test('publicly accessible cluster', () => {
// WHEN
new Cluster(stack, 'Redshift', {
masterUser: {
masterUsername: 'admin',
},
vpc,
PubliclyAccessible: true,
alex9311 marked this conversation as resolved.
Show resolved Hide resolved
});

// THEN
cdkExpect(stack).to(haveResource('AWS::Redshift::Cluster', {
Properties: {
PubliclyAccessible: true,
},
alex9311 marked this conversation as resolved.
Show resolved Hide resolved
})
});

test('imported cluster with imported security group honors allowAllOutbound', () => {
// GIVEN
const cluster = Cluster.fromClusterAttributes(stack, 'Database', {
Expand Down