From 3b36b71a40cf3e52d0ab1cf23a6e92a5d84534b4 Mon Sep 17 00:00:00 2001 From: Bryant Biggs Date: Thu, 23 Oct 2025 10:00:02 -0500 Subject: [PATCH] feat: Allow parameter group key to be used as parameter group `name`, add outpust for cluster master password and username --- README.md | 2 ++ examples/complete/README.md | 2 ++ examples/complete/outputs.tf | 10 ++++++++++ main.tf | 13 ++++++++++--- outputs.tf | 12 ++++++++++++ wrappers/outputs.tf | 2 +- 6 files changed, 37 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 97ffc0d..1977913 100644 --- a/README.md +++ b/README.md @@ -319,6 +319,8 @@ No modules. | [cluster\_hostname](#output\_cluster\_hostname) | The hostname of the Redshift cluster | | [cluster\_id](#output\_cluster\_id) | The Redshift cluster ID | | [cluster\_identifier](#output\_cluster\_identifier) | The Redshift cluster identifier | +| [cluster\_master\_password](#output\_cluster\_master\_password) | The Redshift cluster master password | +| [cluster\_master\_username](#output\_cluster\_master\_username) | The Redshift cluster master username | | [cluster\_namespace\_arn](#output\_cluster\_namespace\_arn) | The namespace Amazon Resource Name (ARN) of the cluster | | [cluster\_node\_type](#output\_cluster\_node\_type) | The type of nodes in the cluster | | [cluster\_nodes](#output\_cluster\_nodes) | The nodes in the cluster. Each node is a map of the following attributes: `node_role`, `private_ip_address`, and `public_ip_address` | diff --git a/examples/complete/README.md b/examples/complete/README.md index 93693d1..f084b40 100644 --- a/examples/complete/README.md +++ b/examples/complete/README.md @@ -75,6 +75,8 @@ No inputs. | [cluster\_hostname](#output\_cluster\_hostname) | The hostname of the Redshift cluster | | [cluster\_id](#output\_cluster\_id) | The Redshift cluster ID | | [cluster\_identifier](#output\_cluster\_identifier) | The Redshift cluster identifier | +| [cluster\_master\_password](#output\_cluster\_master\_password) | The Redshift cluster master password | +| [cluster\_master\_username](#output\_cluster\_master\_username) | The Redshift cluster master username | | [cluster\_namespace\_arn](#output\_cluster\_namespace\_arn) | The namespace Amazon Resource Name (ARN) of the cluster | | [cluster\_node\_type](#output\_cluster\_node\_type) | The type of nodes in the cluster | | [cluster\_nodes](#output\_cluster\_nodes) | The nodes in the cluster. Each node is a map of the following attributes: `node_role`, `private_ip_address`, and `public_ip_address` | diff --git a/examples/complete/outputs.tf b/examples/complete/outputs.tf index 9f11387..a8ea7ec 100644 --- a/examples/complete/outputs.tf +++ b/examples/complete/outputs.tf @@ -112,6 +112,16 @@ output "cluster_namespace_arn" { value = module.redshift.cluster_namespace_arn } +output "cluster_master_password" { + description = "The Redshift cluster master password" + value = module.redshift.cluster_master_password +} + +output "cluster_master_username" { + description = "The Redshift cluster master username" + value = module.redshift.cluster_master_username +} + ################################################################################ # Parameter Group ################################################################################ diff --git a/main.tf b/main.tf index d16debe..9ef436e 100644 --- a/main.tf +++ b/main.tf @@ -1,4 +1,10 @@ -data "aws_partition" "current" {} +data "aws_partition" "current" { + count = var.create && var.create_scheduled_action_iam_role ? 1 : 0 +} + +locals { + dns_suffix = try(data.aws_partition.current[0].dns_suffix, "") +} resource "random_password" "master_password" { count = var.create && var.create_random_password ? 1 : 0 @@ -105,8 +111,9 @@ resource "aws_redshift_parameter_group" "this" { dynamic "parameter" { for_each = var.parameter_group_parameters + content { - name = parameter.value.name + name = try(parameter.value.name, parameter.key) value = parameter.value.value } } @@ -210,7 +217,7 @@ data "aws_iam_policy_document" "scheduled_action_assume" { principals { type = "Service" - identifiers = ["scheduler.redshift.${data.aws_partition.current.dns_suffix}"] + identifiers = ["scheduler.redshift.${local.dns_suffix}"] } } } diff --git a/outputs.tf b/outputs.tf index 589abe7..0c60927 100644 --- a/outputs.tf +++ b/outputs.tf @@ -116,6 +116,18 @@ output "cluster_namespace_arn" { value = try(aws_redshift_cluster.this[0].cluster_namespace_arn, null) } +output "cluster_master_password" { + description = "The Redshift cluster master password" + value = try(aws_redshift_cluster.this[0].master_password, null) + sensitive = true +} + +output "cluster_master_username" { + description = "The Redshift cluster master username" + value = try(aws_redshift_cluster.this[0].master_username, null) + sensitive = true +} + ################################################################################ # Parameter Group ################################################################################ diff --git a/wrappers/outputs.tf b/wrappers/outputs.tf index ec6da5f..f137373 100644 --- a/wrappers/outputs.tf +++ b/wrappers/outputs.tf @@ -1,5 +1,5 @@ output "wrapper" { description = "Map of outputs of a wrapper." value = module.wrapper - # sensitive = false # No sensitive module output found + sensitive = true # At least one sensitive module output (cluster_master_password) found (requires Terraform 0.14+) }