diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..ce7b34f
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,3 @@
+# Note, this can be removed later. Currently keeps PR's easier to review
+**/*.md linguist-documentation=true
+**/README.md linguist-generated=true
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..c3a64b8
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,7 @@
+# Use this file to define individuals or teams that are responsible for code in a repository.
+# Read more:
+#
+# Order is important: the last matching pattern has the highest precedence
+
+# These owners will be the default owners for everything
+* @cloudposse-terraform-components/engineering @cloudposse-terraform-components/admins
diff --git a/.github/banner.png b/.github/banner.png
new file mode 100644
index 0000000..2ea17a3
Binary files /dev/null and b/.github/banner.png differ
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..464d858
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,53 @@
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+- package-ecosystem: gomod
+ directory: /
+ labels:
+ - dependencies
+ - go
+ - no-release
+ schedule:
+ interval: weekly
+ day: sunday
+ ignore:
+ - dependency-name: "*"
+ update-types: ["version-update:semver-major"]
+
+- package-ecosystem: github-actions
+ open-pull-requests-limit: 3
+ directory: /
+ labels:
+ - dependencies
+ - github-actions
+ - no-release
+ groups:
+ cicd:
+ patterns:
+ - "*"
+ schedule:
+ interval: weekly
+ day: sunday
+ ignore:
+ - dependency-name: "*"
+ update-types: ["version-update:semver-major"]
+
+- package-ecosystem: npm
+ open-pull-requests-limit: 3
+ directory: /website
+ labels:
+ - dependencies
+ - javascript
+ - no-release
+ groups:
+ website:
+ patterns:
+ - "*"
+ schedule:
+ interval: weekly
+ day: sunday
+ ignore:
+ - dependency-name: "*"
+ update-types: ["version-update:semver-major"]
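Review bot: The `directory` values in the `gomod` and `npm` entries may not match this repository's layout. The `gomod` entry uses `/` and the `npm` entry uses `/website`, but the test code referenced elsewhere in this commit lives under `test/` (`./test/run.sh`, the `test/**` label) and no `website` directory is visible. Dependabot reads manifests only from the configured directory, so if `go.mod` sits in `test/` the entry should be `directory: /test`, and the `npm` entry should be dropped if there is no website. Separately, `.github/renovate.json` in this commit also enables Renovate, so both bots may open PRs for the same dependencies.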
diff --git a/.github/labeler.yaml b/.github/labeler.yaml
new file mode 100644
index 0000000..b454123
--- /dev/null
+++ b/.github/labeler.yaml
@@ -0,0 +1,16 @@
+docs:
+ - docs/**
+ - README.*
+
+automation:
+ - .gitattributes
+ - .github/**
+ - .gitignore
+ - .pre-commit-config.yaml
+ - .tflint.hcl
+ - Makefile
+ - _typos.toml
+
+configuration:
+ - src/**
+ - test/**
diff --git a/.github/mergify.yml b/.github/mergify.yml
new file mode 100644
index 0000000..526045d
--- /dev/null
+++ b/.github/mergify.yml
@@ -0,0 +1 @@
+extends: .github
diff --git a/.github/renovate.json b/.github/renovate.json
new file mode 100644
index 0000000..47cf066
--- /dev/null
+++ b/.github/renovate.json
@@ -0,0 +1,6 @@
+{
+ "prConcurrentLimit": 5,
+ "extends": [
+ "config:base"
+ ]
+}
diff --git a/.github/settings.yml b/.github/settings.yml
new file mode 100644
index 0000000..bc2ae06
--- /dev/null
+++ b/.github/settings.yml
@@ -0,0 +1,7 @@
+# Upstream changes from _extends are only recognized when modifications are made to this file in the default branch.
+_extends: .github
+repository:
+ name: aws-redshift
+ description: This component is responsible for provisioning a RedShift instance
+ homepage: https://cloudposse.com/accelerate
+ topics: terraform, terraform-component
diff --git a/.github/workflows/branch.yml b/.github/workflows/branch.yml
new file mode 100644
index 0000000..d135b9f
--- /dev/null
+++ b/.github/workflows/branch.yml
@@ -0,0 +1,25 @@
+---
+name: Branch
+on:
+ pull_request:
+ branches:
+ - main
+ - release/**
+ types: [opened, synchronize, reopened, labeled, unlabeled]
+ push:
+ branches:
+ - main
+ - release/v*
+ paths-ignore:
+ - '.github/**'
+ - 'test/**'
+
+permissions:
+ contents: write
+ id-token: write
+ pull-requests: write
+
+jobs:
+ component:
+ uses: cloudposse-terraform-components/.github/.github/workflows/shared-terraform-component.yml@main
+ secrets: inherit
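Review bot: The `uses:` line of the `component` job references the shared workflow at `@main`, a mutable ref, while the job passes `secrets: inherit` and the workflow grants `contents: write` and `id-token: write`. Any commit that lands on `main` of the `.github` repository therefore runs here with every repository secret and an OIDC token, without review in this repository. Pinning to a full commit SHA, e.g. `uses: cloudposse-terraform-components/.github/.github/workflows/shared-terraform-component.yml@<COMMIT_SHA> # main`, and passing only the secrets the called workflow needs instead of `inherit` would narrow that exposure. The same pattern appears in chatops.yml, release.yml and scheduled.yml in this commit.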
diff --git a/.github/workflows/chatops.yml b/.github/workflows/chatops.yml
new file mode 100644
index 0000000..919a25e
--- /dev/null
+++ b/.github/workflows/chatops.yml
@@ -0,0 +1,17 @@
+---
+name: chatops
+on:
+ issue_comment:
+ types: [created]
+
+permissions:
+ pull-requests: write
+ id-token: write
+ contents: write
+ statuses: write
+
+jobs:
+ test:
+ uses: cloudposse-terraform-components/.github/.github/workflows/shared-terraform-chatops.yml@main
+ if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/terratest') }}
+ secrets: inherit
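Review bot: The `if:` on the `test` job accepts a comment from any user and matches `/terratest` anywhere in the body, yet the job runs with `secrets: inherit`, `id-token: write` and `contents: write`. `issue_comment` workflows run in the base repository's context, so if the shared workflow checks out and runs the pull request's code (not visible here), a comment on a fork PR could run unreviewed code with those credentials. Unless the called workflow already verifies the commenter's permission, gate it here, for example `if: ${{ github.event.issue.pull_request && startsWith(github.event.comment.body, '/terratest') && contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association) }}`.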
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..1b006a2
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,16 @@
+---
+name: release
+on:
+ release:
+ types:
+ - published
+
+permissions:
+ id-token: write
+ contents: write
+ pull-requests: write
+
+jobs:
+ component:
+ uses: cloudposse-terraform-components/.github/.github/workflows/shared-release-branches.yml@main
+ secrets: inherit
diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml
new file mode 100644
index 0000000..abe51be
--- /dev/null
+++ b/.github/workflows/scheduled.yml
@@ -0,0 +1,16 @@
+---
+name: scheduled
+on:
+ workflow_dispatch: { } # Allows manually trigger this workflow
+ schedule:
+ - cron: "0 3 * * *"
+
+permissions:
+ pull-requests: write
+ id-token: write
+ contents: write
+
+jobs:
+ scheduled:
+ uses: cloudposse-terraform-components/.github/.github/workflows/shared-terraform-scheduled.yml@main
+ secrets: inherit
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..6964514
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,76 @@
+# Below here should also be in .dockerignore
+.build-harness
+build-harness/
+aws-assumed-role/
+.idea/
+.vscode/
+*.iml
+.direnv
+.envrc
+
+# Compiled and auto-generated files
+# Note that the leading "**/" appears necessary for Docker even if not for Git
+
+# backend.tfvars.json may be autogenerated or not.
+# If not autogenerated, then it should not be here
+**/backend.tf.json
+**/*.backup
+**/nohup.out
+**/*.tfstate
+**/*.tfstate.*
+**/planfile
+**/*.planfile
+**/*.kubeconfig
+**/.terraform.lock.hcl
+**/terraform.tfvars.json
+**/terraform.auto.tfvars.json
+**/*.terraform.tfvars.json
+**/*.terraform.auto.tfvars.json
+**/*.helmfile.vars.yaml
+**/crash.log
+**/secrets/
+
+# Module directory
+# Note that the leading "**/" appears necessary for Docker even if not for Git
+**/.terraform*/
+**/.module/
+**/.helmfile/
+
+
+# Draft or auto-saved version
+# Note that the leading "**/" appears necessary for Docker even if not for Git
+**/*.draft.*
+**/*.draft
+**/*.orig
+**/*.bak
+**/*~
+
+# Editor-specific files
+*.sw*
+*~
+
+# macOS special files and folders
+**/.DS_Store
+**/.CFUserTextEncoding
+**/.Trash/
+**/$RECYCLE.BIN/
+
+# deps
+Brewfile.lock.json
+
+# docs targets
+docs/terraform.md
+docs/targets.md
+
+# Github actions temporary files
+docker.env
+error.txt
+github/
+
+# custom direnv and .env
+.env*
+
+# Secrets
+*.ovpn
+
+*.zip
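Review bot: `**/.terraform.lock.hcl` is ignored, so the provider versions and checksums Terraform records are never committed and each `terraform init` selects whatever currently satisfies the version constraints. If that is deliberate for a component that consumers vendor into their own repositories, a comment above the pattern should say so, e.g. `# Lock file is not committed; consumers generate and commit their own`. Separately, the comment `# backend.tfvars.json may be autogenerated or not.` names a file that no pattern matches; the pattern below it is `**/backend.tf.json`.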
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..cb6cb17
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,34 @@
+repos:
+ - repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: v4.4.0
+ hooks:
+ # Git style
+ - id: check-added-large-files # prevents giant files from being committed.
+ - id: forbid-new-submodules # prevents addition of new git submodules.
+ - id: no-commit-to-branch # don't commit to branch
+
+ # Common errors
+ - id: trailing-whitespace # trims trailing whitespace.
+ args: [--markdown-linebreak-ext=md]
+ - id: end-of-file-fixer # ensures that a file is either empty, or ends with one newline.
+ - id: check-merge-conflict # checks for files that contain merge conflict strings.
+ - id: check-executables-have-shebangs # ensures that (non-binary) executables have a shebang.
+
+ # Cross platform
+ - id: check-case-conflict # checks for files that would conflict in case-insensitive filesystems.
+ - id: mixed-line-ending # replaces or checks mixed line ending.
+ args: [--fix=lf]
+
+ # YAML
+ - id: check-yaml # checks yaml files for parseable syntax.
+
+ - repo: https://github.com/antonbabenko/pre-commit-terraform
+ rev: v1.81.0
+ hooks:
+ - id: terraform_fmt
+ - id: terraform_docs
+ args: ["--args=--lockfile=false"]
+ - id: terraform_tflint
+ args:
+ - --args=--config=__GIT_WORKING_DIR__/.tflint.hcl
+ exclude: "context.tf$"
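Review bot: Both `rev:` values (`v4.4.0` and `v1.81.0`) are tags, which the upstream repositories can move, and these hooks execute on every contributor's machine at commit time. `pre-commit autoupdate --freeze` rewrites each one to a full commit SHA and keeps the tag as a trailing comment, in the form `rev: <COMMIT_SHA>  # frozen: v4.4.0`. The inline comment `# don't commit to branch` on `no-commit-to-branch` would also read better if it named the protected branches; with no `args` the hook falls back to its defaults (`main` and `master`).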
diff --git a/.tflint.hcl b/.tflint.hcl
new file mode 100644
index 0000000..6a8016c
--- /dev/null
+++ b/.tflint.hcl
@@ -0,0 +1,86 @@
+# Required `tflint --init`
+plugin "aws" {
+ enabled = true
+ version = "0.23.1"
+ source = "github.com/terraform-linters/tflint-ruleset-aws"
+ # Used only in Spacelift: .spacelift/config.yml
+ deep_check = false
+ assume_role { role_arn = "" }
+
+}
+
+#
+# https://github.com/terraform-linters/tflint/tree/master/docs/rules
+#
+
+rule "terraform_comment_syntax" {
+ # Disallow `//` comments in favor of `#`
+ enabled = true
+}
+rule "terraform_deprecated_index" {
+ # Disallow legacy dot index syntax
+ enabled = true
+}
+rule "terraform_deprecated_interpolation" {
+ # Disallow deprecated (0.11-style) interpolation
+ # Enabled by default
+ enabled = true
+}
+rule "terraform_documented_outputs" {
+ # Disallow output declarations without description
+ enabled = true
+}
+rule "terraform_documented_variables" {
+ # Disallow variable declarations without description
+ enabled = true
+}
+rule "terraform_module_pinned_source" {
+ # Disallow specifying a git or mercurial repository as a module source without pinning to a version
+ # Enabled by default
+ enabled = true
+}
+rule "terraform_module_version" {
+ # Checks that Terraform modules sourced from a registry specify a version
+ # Enabled by default
+ enabled = true
+}
+rule "terraform_naming_convention" {
+ # Enforces naming conventions for resources, data sources, etc
+ enabled = true
+}
+rule "terraform_required_providers" {
+ # Require that all providers have version constraints through required_providers
+ enabled = true
+}
+rule "terraform_required_version" {
+ # Disallow terraform declarations without require_version
+ enabled = true
+}
+rule "terraform_standard_module_structure" {
+ # Ensure that a module complies with the Terraform Standard Module Structure
+ enabled = false # TODO p4: enable and fix
+}
+rule "terraform_typed_variables" {
+ # Disallow variable declarations without type
+ enabled = true
+}
+rule "terraform_unused_declarations" {
+ # Disallow variables, data sources, and locals that are declared but never used
+ enabled = true
+}
+rule "terraform_unused_required_providers" {
+ # Check that all required_providers are used in the module
+ enabled = true
+}
+rule "terraform_workspace_remote" {
+ # terraform.workspace should not be used with a "remote" backend with remote execution.
+ # Enabled by default
+ enabled = true
+}
+rule "aws_db_instance_invalid_parameter_group" {
+ # TODO: Figure out requirements to turn this back on; not sure it's providing value even as is due to AWS multi-account arch.
+ enabled = false
+}
+config {
+ variables = ["namespace=fake-namespace", "stage=fake-stage", "name=fake-name"]
+}
diff --git a/src/CHANGELOG.md b/CHANGELOG.md
similarity index 100%
rename from src/CHANGELOG.md
rename to CHANGELOG.md
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..8a6d902
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,8 @@
+-include $(shell curl -sSL -o .build-harness "https://cloudposse.tools/build-harness"; echo .build-harness)
+
+all: init readme
+
+test::
+ @echo "π Starting tests..."
+ ./test/run.sh
+ @echo "β
All tests passed."
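Review bot: The `-include` on the first line downloads `https://cloudposse.tools/build-harness` on every `make` invocation and evaluates the result as makefile code, with no version pin or integrity check. Whatever that URL serves at the time therefore runs on developer machines and in CI. In addition, `curl -sSL` lacks `--fail`, so an HTTP error page is written to `.build-harness` and then parsed by make. At minimum use `curl -fsSL`; better, fetch a pinned release and verify its checksum before including it, or vendor the file into the repository.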
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..01fc392
--- /dev/null
+++ b/README.md
@@ -0,0 +1,317 @@
+
+
+
+
+
+
+
+
+This component is responsible for provisioning a RedShift instance. It seeds relevant database information (hostnames,
+username, password, etc.) into AWS SSM Parameter Store.
+
+## Usage
+
+**Stack Level**: Regional
+
+Here's an example snippet for how to use this component.
+
+```yaml
+components:
+ terraform:
+ redshift:
+ vars:
+ enabled: true
+ name: redshift
+ database_name: redshift
+ publicly_accessible: false
+ node_type: dc2.large
+ number_of_nodes: 1
+ cluster_type: single-node
+ ssm_enabled: true
+ log_exports:
+ - userlog
+ - connectionlog
+ - useractivitylog
+ admin_user: redshift
+ custom_sg_enabled: true
+ custom_sg_rules:
+ - type: ingress
+ key: postgres
+ description: Allow inbound traffic to the redshift cluster
+ from_port: 5439
+ to_port: 5439
+ protocol: tcp
+ cidr_blocks:
+ - 10.0.0.0/8
+```
+
+
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.17, <= 4.67.0 |
+| [random](#requirement\_random) | >= 3.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| [aws](#provider\_aws) | >= 4.17, <= 4.67.0 |
+| [random](#provider\_random) | >= 3.0 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| [iam\_roles](#module\_iam\_roles) | ../account-map/modules/iam-roles | n/a |
+| [redshift\_cluster](#module\_redshift\_cluster) | cloudposse/redshift-cluster/aws | 1.0.0 |
+| [redshift\_sg](#module\_redshift\_sg) | cloudposse/security-group/aws | 2.2.0 |
+| [this](#module\_this) | cloudposse/label/null | 0.25.0 |
+| [vpc](#module\_vpc) | cloudposse/stack-config/yaml//modules/remote-state | 1.5.0 |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_ssm_parameter.redshift_database_hostname](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
+| [aws_ssm_parameter.redshift_database_name](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
+| [aws_ssm_parameter.redshift_database_password](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
+| [aws_ssm_parameter.redshift_database_port](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
+| [aws_ssm_parameter.redshift_database_user](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
+| [random_password.admin_password](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
+| [random_pet.admin_user](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [additional\_tag\_map](#input\_additional\_tag\_map) | Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not added to `tags` or `id`.
This is for some rare cases where resources want additional configuration of tags
and therefore take a list of maps with tag key, value, and additional configuration. | `map(string)` | `{}` | no |
+| [admin\_password](#input\_admin\_password) | Password for the master DB user. Required unless a snapshot\_identifier is provided | `string` | `null` | no |
+| [admin\_user](#input\_admin\_user) | Username for the master DB user. Required unless a snapshot\_identifier is provided | `string` | `null` | no |
+| [allow\_version\_upgrade](#input\_allow\_version\_upgrade) | Whether or not to enable major version upgrades which are applied during the maintenance window to the Amazon Redshift engine that is running on the cluster | `bool` | `false` | no |
+| [attributes](#input\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,
in the order they appear in the list. New attributes are appended to the
end of the list. The elements of the list are joined by the `delimiter`
and treated as a single ID element. | `list(string)` | `[]` | no |
+| [cluster\_type](#input\_cluster\_type) | The cluster type to use. Either `single-node` or `multi-node` | `string` | `"single-node"` | no |
+| [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | {
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"descriptor_formats": {},
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_key_case": null,
"label_order": [],
"label_value_case": null,
"labels_as_tags": [
"unset"
],
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {},
"tenant": null
}
| no |
+| [custom\_sg\_allow\_all\_egress](#input\_custom\_sg\_allow\_all\_egress) | Whether to allow all egress traffic or not | `bool` | `true` | no |
+| [custom\_sg\_enabled](#input\_custom\_sg\_enabled) | Whether to use custom security group or not | `bool` | `false` | no |
+| [custom\_sg\_rules](#input\_custom\_sg\_rules) | An array of custom security groups to create and assign to the cluster. | list(object({
key = string
type = string
from_port = number
to_port = number
protocol = string
cidr_blocks = list(string)
description = string
}))
| `[]` | no |
+| [database\_name](#input\_database\_name) | The name of the first database to be created when the cluster is created | `string` | `null` | no |
+| [delimiter](#input\_delimiter) | Delimiter to be used between ID elements.
Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
+| [descriptor\_formats](#input\_descriptor\_formats) | Describe additional descriptors to be output in the `descriptors` output map.
Map of maps. Keys are names of descriptors. Values are maps of the form
`{
format = string
labels = list(string)
}`
(Type is `any` so the map values can later be enhanced to provide additional options.)
`format` is a Terraform format string to be passed to the `format()` function.
`labels` is a list of labels, in order, to pass to `format()` function.
Label values will be normalized before being passed to `format()` so they will be
identical to how they appear in `id`.
Default is `{}` (`descriptors` output will be empty). | `any` | `{}` | no |
+| [enabled](#input\_enabled) | Set to false to prevent the module from creating any resources | `bool` | `null` | no |
+| [engine\_version](#input\_engine\_version) | The version of the Amazon Redshift engine to use. See https://docs.aws.amazon.com/redshift/latest/mgmt/cluster-versions.html | `string` | `"1.0"` | no |
+| [environment](#input\_environment) | ID element. Usually used for region e.g. 'uw2', 'us-west-2', OR role 'prod', 'staging', 'dev', 'UAT' | `string` | `null` | no |
+| [id\_length\_limit](#input\_id\_length\_limit) | Limit `id` to this many characters (minimum 6).
Set to `0` for unlimited length.
Set to `null` for keep the existing setting, which defaults to `0`.
Does not affect `id_full`. | `number` | `null` | no |
+| [kms\_alias\_name\_ssm](#input\_kms\_alias\_name\_ssm) | KMS alias name for SSM | `string` | `"alias/aws/ssm"` | no |
+| [label\_key\_case](#input\_label\_key\_case) | Controls the letter case of the `tags` keys (label names) for tags generated by this module.
Does not affect keys of tags passed in via the `tags` input.
Possible values: `lower`, `title`, `upper`.
Default value: `title`. | `string` | `null` | no |
+| [label\_order](#input\_label\_order) | The order in which the labels (ID elements) appear in the `id`.
Defaults to ["namespace", "environment", "stage", "name", "attributes"].
You can omit any of the 6 labels ("tenant" is the 6th), but at least one must be present. | `list(string)` | `null` | no |
+| [label\_value\_case](#input\_label\_value\_case) | Controls the letter case of ID elements (labels) as included in `id`,
set as tag values, and output by this module individually.
Does not affect values of tags passed in via the `tags` input.
Possible values: `lower`, `title`, `upper` and `none` (no transformation).
Set this to `title` and set `delimiter` to `""` to yield Pascal Case IDs.
Default value: `lower`. | `string` | `null` | no |
+| [labels\_as\_tags](#input\_labels\_as\_tags) | Set of labels (ID elements) to include as tags in the `tags` output.
Default is to include all labels.
Tags with empty values will not be included in the `tags` output.
Set to `[]` to suppress all generated tags.
**Notes:**
The value of the `name` tag, if included, will be the `id`, not the `name`.
Unlike other `null-label` inputs, the initial setting of `labels_as_tags` cannot be
changed in later chained modules. Attempts to change it will be silently ignored. | `set(string)` | [
"default"
]
| no |
+| [name](#input\_name) | ID element. Usually the component or solution name, e.g. 'app' or 'jenkins'.
This is the only ID element not also included as a `tag`.
The "name" tag is set to the full `id` string. There is no tag with the value of the `name` input. | `string` | `null` | no |
+| [namespace](#input\_namespace) | ID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp', to help ensure generated IDs are globally unique | `string` | `null` | no |
+| [node\_type](#input\_node\_type) | The node type to be provisioned for the cluster. See https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#working-with-clusters-overview | `string` | `"dc2.large"` | no |
+| [number\_of\_nodes](#input\_number\_of\_nodes) | The number of compute nodes in the cluster. This parameter is required when the ClusterType parameter is specified as multi-node | `number` | `1` | no |
+| [port](#input\_port) | The port number on which the cluster accepts incoming connections | `number` | `5439` | no |
+| [publicly\_accessible](#input\_publicly\_accessible) | If true, the cluster can be accessed from a public network | `bool` | `false` | no |
+| [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.
Characters matching the regex will be removed from the ID elements.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no |
+| [region](#input\_region) | AWS region | `string` | n/a | yes |
+| [security\_group\_ids](#input\_security\_group\_ids) | An array of security group IDs to associate with the endpoint. | `list(string)` | `null` | no |
+| [ssm\_enabled](#input\_ssm\_enabled) | If `true` create SSM keys for the database user and password. | `bool` | `false` | no |
+| [ssm\_key\_format](#input\_ssm\_key\_format) | SSM path format. The values will will be used in the following order: `var.ssm_key_prefix`, `var.name`, `var.ssm_key_*` | `string` | `"/%v/%v/%v"` | no |
+| [ssm\_key\_hostname](#input\_ssm\_key\_hostname) | The SSM key to save the hostname. See `var.ssm_path_format`. | `string` | `"admin/db_hostname"` | no |
+| [ssm\_key\_password](#input\_ssm\_key\_password) | The SSM key to save the password. See `var.ssm_path_format`. | `string` | `"admin/db_password"` | no |
+| [ssm\_key\_port](#input\_ssm\_key\_port) | The SSM key to save the port. See `var.ssm_path_format`. | `string` | `"admin/db_port"` | no |
+| [ssm\_key\_prefix](#input\_ssm\_key\_prefix) | SSM path prefix. Omit the leading forward slash `/`. | `string` | `"redshift"` | no |
+| [ssm\_key\_user](#input\_ssm\_key\_user) | The SSM key to save the user. See `var.ssm_path_format`. | `string` | `"admin/db_user"` | no |
+| [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no |
+| [tags](#input\_tags) | Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`).
Neither the tag keys nor the tag values will be modified by this module. | `map(string)` | `{}` | no |
+| [tenant](#input\_tenant) | ID element \_(Rarely used, not included by default)\_. A customer identifier, indicating who this instance of a resource is for | `string` | `null` | no |
+| [use\_private\_subnets](#input\_use\_private\_subnets) | Whether to use private or public subnets for the Redshift cluster | `bool` | `true` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| [arn](#output\_arn) | Amazon Resource Name (ARN) of cluster |
+| [cluster\_identifier](#output\_cluster\_identifier) | The Cluster Identifier |
+| [cluster\_security\_groups](#output\_cluster\_security\_groups) | The security groups associated with the cluster |
+| [database\_name](#output\_database\_name) | The name of the default database in the Cluster |
+| [dns\_name](#output\_dns\_name) | The DNS name of the cluster |
+| [endpoint](#output\_endpoint) | The connection endpoint |
+| [id](#output\_id) | The Redshift Cluster ID |
+| [port](#output\_port) | The Port the cluster responds on |
+| [redshift\_database\_ssm\_key\_prefix](#output\_redshift\_database\_ssm\_key\_prefix) | SSM prefix |
+| [vpc\_security\_group\_ids](#output\_vpc\_security\_group\_ids) | The VPC security group IDs associated with the cluster |
+
+
+
+## References
+
+- [cloudposse/terraform-aws-components](https://github.com/cloudposse/terraform-aws-components/tree/main/modules/redshift) -
+ Cloud Posse's upstream component
+
+
+---
+> [!NOTE]
+> This project is part of Cloud Posse's comprehensive ["SweetOps"](https://cpco.io/homepage?utm_source=github&utm_medium=readme&utm_campaign=cloudposse-terraform-components/aws-redshift&utm_content=) approach towards DevOps.
+> Learn More
+>
+> It's 100% Open Source and licensed under the [APACHE2](LICENSE).
+>
+>
+
+
+
+
+
+
+
+
+
+
+
+
+
+## Related Projects
+
+Check out these related projects.
+
+- [Cloud Posse Terraform Modules](https://docs.cloudposse.com/modules/) - Our collection of reusable Terraform modules used by our reference architectures.
+- [Atmos](https://atmos.tools) - Atmos is like docker-compose but for your infrastructure
+
+## β¨ Contributing
+
+This project is under active development, and we encourage contributions from our community.
+Many thanks to our outstanding contributors:
+
+
+
+
+
+### π Bug Reports & Feature Requests
+
+Please use the [issue tracker](https://github.com/cloudposse-terraform-components/aws-redshift/issues) to report any bugs or file feature requests.
+
+### π» Developing
+
+If you are interested in being a contributor and want to get involved in developing this project or help out with Cloud Posse's other projects, we would love to hear from you!
+Hit us up in [Slack](https://cpco.io/slack?utm_source=github&utm_medium=readme&utm_campaign=cloudposse-terraform-components/aws-redshift&utm_content=slack), in the `#cloudposse` channel.
+
+In general, PRs are welcome. We follow the typical "fork-and-pull" Git workflow.
+ 1. Review our [Code of Conduct](https://github.com/cloudposse-terraform-components/aws-redshift/?tab=coc-ov-file#code-of-conduct) and [Contributor Guidelines](https://github.com/cloudposse/.github/blob/main/CONTRIBUTING.md).
+ 2. **Fork** the repo on GitHub
+ 3. **Clone** the project to your own machine
+ 4. **Commit** changes to your own branch
+ 5. **Push** your work back up to your fork
+ 6. Submit a **Pull Request** so that we can review your changes
+
+**NOTE:** Be sure to merge the latest changes from "upstream" before making a pull request!
+
+### π Slack Community
+
+Join our [Open Source Community](https://cpco.io/slack?utm_source=github&utm_medium=readme&utm_campaign=cloudposse-terraform-components/aws-redshift&utm_content=slack) on Slack. It's **FREE** for everyone! Our "SweetOps" community is where you get to talk with others who share a similar vision for how to rollout and manage infrastructure. This is the best place to talk shop, ask questions, solicit feedback, and work together as a community to build totally *sweet* infrastructure.
+
+### π° Newsletter
+
+Sign up for [our newsletter](https://cpco.io/newsletter?utm_source=github&utm_medium=readme&utm_campaign=cloudposse-terraform-components/aws-redshift&utm_content=newsletter) and join 3,000+ DevOps engineers, CTOs, and founders who get insider access to the latest DevOps trends, so you can always stay in the know.
+Dropped straight into your Inbox every week β and usually a 5-minute read.
+
+### π Office Hours
+
+[Join us every Wednesday via Zoom](https://cloudposse.com/office-hours?utm_source=github&utm_medium=readme&utm_campaign=cloudposse-terraform-components/aws-redshift&utm_content=office_hours) for your weekly dose of insider DevOps trends, AWS news and Terraform insights, all sourced from our SweetOps community, plus a _live Q&A_ that you canβt find anywhere else.
+It's **FREE** for everyone!
+
+## About
+
+This project is maintained by Cloud Posse, LLC.
+
+
+We are a [**DevOps Accelerator**](https://cpco.io/commercial-support?utm_source=github&utm_medium=readme&utm_campaign=cloudposse-terraform-components/aws-redshift&utm_content=commercial_support) for funded startups and enterprises.
+Use our ready-to-go terraform architecture blueprints for AWS to get up and running quickly.
+We build it with you. You own everything. Your team wins. Plus, we stick around until you succeed.
+
+
+
+*Your team can operate like a pro today.*
+
+Ensure that your team succeeds by using our proven process and turnkey blueprints. Plus, we stick around until you succeed.
+
+
+ π See What's Included
+
+- **Reference Architecture.** You'll get everything you need from the ground up built using 100% infrastructure as code.
+- **Deployment Strategy.** You'll have a battle-tested deployment strategy using GitHub Actions that's automated and repeatable.
+- **Site Reliability Engineering.** You'll have total visibility into your apps and microservices.
+- **Security Baseline.** You'll have built-in governance with accountability and audit logs for all changes.
+- **GitOps.** You'll be able to operate your infrastructure via Pull Requests.
+- **Training.** You'll receive hands-on training so your team can operate what we build.
+- **Questions.** You'll have a direct line of communication between our teams via a Shared Slack channel.
+- **Troubleshooting.** You'll get help to triage when things aren't working.
+- **Code Reviews.** You'll receive constructive feedback on Pull Requests.
+- **Bug Fixes.** We'll rapidly work with you to fix any bugs in our projects.
+
+
+
+## License
+
+
+
+
+Preamble to the Apache License, Version 2.0
+
+
+
+
+
+```text
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ https://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+```
+
+
+## Trademarks
+
+All other trademarks referenced herein are the property of their respective owners.
+---
+Copyright Β© 2017-2024 [Cloud Posse, LLC](https://cpco.io/copyright)
+
+
+
+
+
diff --git a/README.yaml b/README.yaml
new file mode 100644
index 0000000..a03b780
--- /dev/null
+++ b/README.yaml
@@ -0,0 +1,178 @@
+name: "aws-redshift"
+# Canonical GitHub repo
+github_repo: "cloudposse-terraform-components/aws-redshift"
+# Short description of this project
+description: |-
+ This component is responsible for provisioning a RedShift instance. It seeds relevant database information (hostnames,
+ username, password, etc.) into AWS SSM Parameter Store.
+
+ ## Usage
+
+ **Stack Level**: Regional
+
+ Here's an example snippet for how to use this component.
+
+ ```yaml
+ components:
+ terraform:
+ redshift:
+ vars:
+ enabled: true
+ name: redshift
+ database_name: redshift
+ publicly_accessible: false
+ node_type: dc2.large
+ number_of_nodes: 1
+ cluster_type: single-node
+ ssm_enabled: true
+ log_exports:
+ - userlog
+ - connectionlog
+ - useractivitylog
+ admin_user: redshift
+ custom_sg_enabled: true
+ custom_sg_rules:
+ - type: ingress
+ key: postgres
+ description: Allow inbound traffic to the redshift cluster
+ from_port: 5439
+ to_port: 5439
+ protocol: tcp
+ cidr_blocks:
+ - 10.0.0.0/8
+ ```
+
+
+
+ ## Requirements
+
+ | Name | Version |
+ |------|---------|
+ | [terraform](#requirement\_terraform) | >= 1.0 |
+ | [aws](#requirement\_aws) | >= 4.17, <= 4.67.0 |
+ | [random](#requirement\_random) | >= 3.0 |
+
+ ## Providers
+
+ | Name | Version |
+ |------|---------|
+ | [aws](#provider\_aws) | >= 4.17, <= 4.67.0 |
+ | [random](#provider\_random) | >= 3.0 |
+
+ ## Modules
+
+ | Name | Source | Version |
+ |------|--------|---------|
+ | [iam\_roles](#module\_iam\_roles) | ../account-map/modules/iam-roles | n/a |
+ | [redshift\_cluster](#module\_redshift\_cluster) | cloudposse/redshift-cluster/aws | 1.0.0 |
+ | [redshift\_sg](#module\_redshift\_sg) | cloudposse/security-group/aws | 2.2.0 |
+ | [this](#module\_this) | cloudposse/label/null | 0.25.0 |
+ | [vpc](#module\_vpc) | cloudposse/stack-config/yaml//modules/remote-state | 1.5.0 |
+
+ ## Resources
+
+ | Name | Type |
+ |------|------|
+ | [aws_ssm_parameter.redshift_database_hostname](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
+ | [aws_ssm_parameter.redshift_database_name](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
+ | [aws_ssm_parameter.redshift_database_password](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
+ | [aws_ssm_parameter.redshift_database_port](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
+ | [aws_ssm_parameter.redshift_database_user](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
+ | [random_password.admin_password](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
+ | [random_pet.admin_user](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet) | resource |
+
+ ## Inputs
+
+ | Name | Description | Type | Default | Required |
+ |------|-------------|------|---------|:--------:|
+ | [additional\_tag\_map](#input\_additional\_tag\_map) | Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not added to `tags` or `id`.
This is for some rare cases where resources want additional configuration of tags
and therefore take a list of maps with tag key, value, and additional configuration. | `map(string)` | `{}` | no |
+ | [admin\_password](#input\_admin\_password) | Password for the master DB user. Required unless a snapshot\_identifier is provided | `string` | `null` | no |
+ | [admin\_user](#input\_admin\_user) | Username for the master DB user. Required unless a snapshot\_identifier is provided | `string` | `null` | no |
+ | [allow\_version\_upgrade](#input\_allow\_version\_upgrade) | Whether or not to enable major version upgrades which are applied during the maintenance window to the Amazon Redshift engine that is running on the cluster | `bool` | `false` | no |
+ | [attributes](#input\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,
in the order they appear in the list. New attributes are appended to the
end of the list. The elements of the list are joined by the `delimiter`
and treated as a single ID element. | `list(string)` | `[]` | no |
+ | [cluster\_type](#input\_cluster\_type) | The cluster type to use. Either `single-node` or `multi-node` | `string` | `"single-node"` | no |
+ | [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | {
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"descriptor_formats": {},
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_key_case": null,
"label_order": [],
"label_value_case": null,
"labels_as_tags": [
"unset"
],
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {},
"tenant": null
}
| no |
+ | [custom\_sg\_allow\_all\_egress](#input\_custom\_sg\_allow\_all\_egress) | Whether to allow all egress traffic or not | `bool` | `true` | no |
+ | [custom\_sg\_enabled](#input\_custom\_sg\_enabled) | Whether to use custom security group or not | `bool` | `false` | no |
+ | [custom\_sg\_rules](#input\_custom\_sg\_rules) | An array of custom security groups to create and assign to the cluster. | list(object({
key = string
type = string
from_port = number
to_port = number
protocol = string
cidr_blocks = list(string)
description = string
}))
| `[]` | no |
+ | [database\_name](#input\_database\_name) | The name of the first database to be created when the cluster is created | `string` | `null` | no |
+ | [delimiter](#input\_delimiter) | Delimiter to be used between ID elements.
Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
+ | [descriptor\_formats](#input\_descriptor\_formats) | Describe additional descriptors to be output in the `descriptors` output map.
Map of maps. Keys are names of descriptors. Values are maps of the form
`{
format = string
labels = list(string)
}`
(Type is `any` so the map values can later be enhanced to provide additional options.)
`format` is a Terraform format string to be passed to the `format()` function.
`labels` is a list of labels, in order, to pass to `format()` function.
Label values will be normalized before being passed to `format()` so they will be
identical to how they appear in `id`.
Default is `{}` (`descriptors` output will be empty). | `any` | `{}` | no |
+ | [enabled](#input\_enabled) | Set to false to prevent the module from creating any resources | `bool` | `null` | no |
+ | [engine\_version](#input\_engine\_version) | The version of the Amazon Redshift engine to use. See https://docs.aws.amazon.com/redshift/latest/mgmt/cluster-versions.html | `string` | `"1.0"` | no |
+ | [environment](#input\_environment) | ID element. Usually used for region e.g. 'uw2', 'us-west-2', OR role 'prod', 'staging', 'dev', 'UAT' | `string` | `null` | no |
+ | [id\_length\_limit](#input\_id\_length\_limit) | Limit `id` to this many characters (minimum 6).
Set to `0` for unlimited length.
Set to `null` for keep the existing setting, which defaults to `0`.
Does not affect `id_full`. | `number` | `null` | no |
+ | [kms\_alias\_name\_ssm](#input\_kms\_alias\_name\_ssm) | KMS alias name for SSM | `string` | `"alias/aws/ssm"` | no |
+ | [label\_key\_case](#input\_label\_key\_case) | Controls the letter case of the `tags` keys (label names) for tags generated by this module.
Does not affect keys of tags passed in via the `tags` input.
Possible values: `lower`, `title`, `upper`.
Default value: `title`. | `string` | `null` | no |
+ | [label\_order](#input\_label\_order) | The order in which the labels (ID elements) appear in the `id`.
Defaults to ["namespace", "environment", "stage", "name", "attributes"].
You can omit any of the 6 labels ("tenant" is the 6th), but at least one must be present. | `list(string)` | `null` | no |
+ | [label\_value\_case](#input\_label\_value\_case) | Controls the letter case of ID elements (labels) as included in `id`,
set as tag values, and output by this module individually.
Does not affect values of tags passed in via the `tags` input.
Possible values: `lower`, `title`, `upper` and `none` (no transformation).
Set this to `title` and set `delimiter` to `""` to yield Pascal Case IDs.
Default value: `lower`. | `string` | `null` | no |
+ | [labels\_as\_tags](#input\_labels\_as\_tags) | Set of labels (ID elements) to include as tags in the `tags` output.
Default is to include all labels.
Tags with empty values will not be included in the `tags` output.
Set to `[]` to suppress all generated tags.
**Notes:**
The value of the `name` tag, if included, will be the `id`, not the `name`.
Unlike other `null-label` inputs, the initial setting of `labels_as_tags` cannot be
changed in later chained modules. Attempts to change it will be silently ignored. | `set(string)` | [
"default"
]
| no |
+ | [name](#input\_name) | ID element. Usually the component or solution name, e.g. 'app' or 'jenkins'.
This is the only ID element not also included as a `tag`.
The "name" tag is set to the full `id` string. There is no tag with the value of the `name` input. | `string` | `null` | no |
+ | [namespace](#input\_namespace) | ID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp', to help ensure generated IDs are globally unique | `string` | `null` | no |
+ | [node\_type](#input\_node\_type) | The node type to be provisioned for the cluster. See https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#working-with-clusters-overview | `string` | `"dc2.large"` | no |
+ | [number\_of\_nodes](#input\_number\_of\_nodes) | The number of compute nodes in the cluster. This parameter is required when the ClusterType parameter is specified as multi-node | `number` | `1` | no |
+ | [port](#input\_port) | The port number on which the cluster accepts incoming connections | `number` | `5439` | no |
+ | [publicly\_accessible](#input\_publicly\_accessible) | If true, the cluster can be accessed from a public network | `bool` | `false` | no |
+ | [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.
Characters matching the regex will be removed from the ID elements.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no |
+ | [region](#input\_region) | AWS region | `string` | n/a | yes |
+ | [security\_group\_ids](#input\_security\_group\_ids) | An array of security group IDs to associate with the endpoint. | `list(string)` | `null` | no |
+ | [ssm\_enabled](#input\_ssm\_enabled) | If `true` create SSM keys for the database user and password. | `bool` | `false` | no |
+ | [ssm\_key\_format](#input\_ssm\_key\_format) | SSM path format. The values will will be used in the following order: `var.ssm_key_prefix`, `var.name`, `var.ssm_key_*` | `string` | `"/%v/%v/%v"` | no |
+ | [ssm\_key\_hostname](#input\_ssm\_key\_hostname) | The SSM key to save the hostname. See `var.ssm_path_format`. | `string` | `"admin/db_hostname"` | no |
+ | [ssm\_key\_password](#input\_ssm\_key\_password) | The SSM key to save the password. See `var.ssm_path_format`. | `string` | `"admin/db_password"` | no |
+ | [ssm\_key\_port](#input\_ssm\_key\_port) | The SSM key to save the port. See `var.ssm_path_format`. | `string` | `"admin/db_port"` | no |
+ | [ssm\_key\_prefix](#input\_ssm\_key\_prefix) | SSM path prefix. Omit the leading forward slash `/`. | `string` | `"redshift"` | no |
+ | [ssm\_key\_user](#input\_ssm\_key\_user) | The SSM key to save the user. See `var.ssm_path_format`. | `string` | `"admin/db_user"` | no |
+ | [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no |
+ | [tags](#input\_tags) | Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`).
Neither the tag keys nor the tag values will be modified by this module. | `map(string)` | `{}` | no |
+ | [tenant](#input\_tenant) | ID element \_(Rarely used, not included by default)\_. A customer identifier, indicating who this instance of a resource is for | `string` | `null` | no |
+ | [use\_private\_subnets](#input\_use\_private\_subnets) | Whether to use private or public subnets for the Redshift cluster | `bool` | `true` | no |
+
+ ## Outputs
+
+ | Name | Description |
+ |------|-------------|
+ | [arn](#output\_arn) | Amazon Resource Name (ARN) of cluster |
+ | [cluster\_identifier](#output\_cluster\_identifier) | The Cluster Identifier |
+ | [cluster\_security\_groups](#output\_cluster\_security\_groups) | The security groups associated with the cluster |
+ | [database\_name](#output\_database\_name) | The name of the default database in the Cluster |
+ | [dns\_name](#output\_dns\_name) | The DNS name of the cluster |
+ | [endpoint](#output\_endpoint) | The connection endpoint |
+ | [id](#output\_id) | The Redshift Cluster ID |
+ | [port](#output\_port) | The Port the cluster responds on |
+ | [redshift\_database\_ssm\_key\_prefix](#output\_redshift\_database\_ssm\_key\_prefix) | SSM prefix |
+ | [vpc\_security\_group\_ids](#output\_vpc\_security\_group\_ids) | The VPC security group IDs associated with the cluster |
+
+
+
+ ## References
+
+ - [cloudposse/terraform-aws-components](https://github.com/cloudposse/terraform-aws-components/tree/main/modules/redshift) -
+ Cloud Posse's upstream component
+tags:
+ - component/redshift
+ - layer/data
+ - provider/aws
+# Categories of this project
+categories:
+ - component/redshift
+ - layer/data
+ - provider/aws
+# License of this project
+license: "APACHE2"
+# Badges to display
+badges:
+ - name: Latest Release
+ image: https://img.shields.io/github/release/cloudposse-terraform-components/aws-redshift.svg?style=for-the-badge
+ url: https://github.com/cloudposse-terraform-components/aws-redshift/releases/latest
+ - name: Slack Community
+ image: https://slack.cloudposse.com/for-the-badge.svg
+ url: https://slack.cloudposse.com
+related:
+ - name: "Cloud Posse Terraform Modules"
+ description: Our collection of reusable Terraform modules used by our reference architectures.
+ url: "https://docs.cloudposse.com/modules/"
+ - name: "Atmos"
+ description: "Atmos is like docker-compose but for your infrastructure"
+ url: "https://atmos.tools"
+contributors: [] # If included generates contribs
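Review bot: The `ssm_key_hostname`, `ssm_key_password`, `ssm_key_port` and `ssm_key_user` rows of the Inputs table refer readers to `var.ssm_path_format`, but the table defines no such input; the path template is `ssm_key_format`, whose own description also has a doubled "will will". These rows decide where the admin password is written, so the reference should read `var.ssm_key_format`. An operator can then derive the final parameter path and scope IAM read access to it. The description block could also say how the password parameter is protected, presumably as a SecureString under `kms_alias_name_ssm`; this hunk does not show the component source, so that needs confirming. It is also worth noting that a `random_password` value is kept in Terraform state, so the state backend needs the same access controls as the parameter.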
diff --git a/_typos.toml b/_typos.toml
new file mode 100644
index 0000000..89c196a
--- /dev/null
+++ b/_typos.toml
@@ -0,0 +1,12 @@
+# https://github.com/crate-ci/typos
+
+[files]
+extend-exclude = [
+ "*.xml",
+]
+
+[default]
+extend-ignore-identifiers-re = []
+
+[default.extend-words] # Don't correct
+ue = "ue" # environment name
diff --git a/docs/.gitkeep b/docs/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/src/README.md b/src/README.md
deleted file mode 100644
index 7e5445b..0000000
--- a/src/README.md
+++ /dev/null
@@ -1,157 +0,0 @@
----
-tags:
- - component/redshift
- - layer/data
- - provider/aws
----
-
-# Component: `redshift`
-
-This component is responsible for provisioning a RedShift instance. It seeds relevant database information (hostnames,
-username, password, etc.) into AWS SSM Parameter Store.
-
-## Usage
-
-**Stack Level**: Regional
-
-Here's an example snippet for how to use this component.
-
-```yaml
-components:
- terraform:
- redshift:
- vars:
- enabled: true
- name: redshift
- database_name: redshift
- publicly_accessible: false
- node_type: dc2.large
- number_of_nodes: 1
- cluster_type: single-node
- ssm_enabled: true
- log_exports:
- - userlog
- - connectionlog
- - useractivitylog
- admin_user: redshift
- custom_sg_enabled: true
- custom_sg_rules:
- - type: ingress
- key: postgres
- description: Allow inbound traffic to the redshift cluster
- from_port: 5439
- to_port: 5439
- protocol: tcp
- cidr_blocks:
- - 10.0.0.0/8
-```
-
-
-
-## Requirements
-
-| Name | Version |
-|------|---------|
-| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 4.17, <= 4.67.0 |
-| [random](#requirement\_random) | >= 3.0 |
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| [aws](#provider\_aws) | >= 4.17, <= 4.67.0 |
-| [random](#provider\_random) | >= 3.0 |
-
-## Modules
-
-| Name | Source | Version |
-|------|--------|---------|
-| [iam\_roles](#module\_iam\_roles) | ../account-map/modules/iam-roles | n/a |
-| [redshift\_cluster](#module\_redshift\_cluster) | cloudposse/redshift-cluster/aws | 1.0.0 |
-| [redshift\_sg](#module\_redshift\_sg) | cloudposse/security-group/aws | 2.2.0 |
-| [this](#module\_this) | cloudposse/label/null | 0.25.0 |
-| [vpc](#module\_vpc) | cloudposse/stack-config/yaml//modules/remote-state | 1.5.0 |
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [aws_ssm_parameter.redshift_database_hostname](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
-| [aws_ssm_parameter.redshift_database_name](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
-| [aws_ssm_parameter.redshift_database_password](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
-| [aws_ssm_parameter.redshift_database_port](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
-| [aws_ssm_parameter.redshift_database_user](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
-| [random_password.admin_password](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
-| [random_pet.admin_user](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet) | resource |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [additional\_tag\_map](#input\_additional\_tag\_map) | Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not added to `tags` or `id`.
This is for some rare cases where resources want additional configuration of tags
and therefore take a list of maps with tag key, value, and additional configuration. | `map(string)` | `{}` | no |
-| [admin\_password](#input\_admin\_password) | Password for the master DB user. Required unless a snapshot\_identifier is provided | `string` | `null` | no |
-| [admin\_user](#input\_admin\_user) | Username for the master DB user. Required unless a snapshot\_identifier is provided | `string` | `null` | no |
-| [allow\_version\_upgrade](#input\_allow\_version\_upgrade) | Whether or not to enable major version upgrades which are applied during the maintenance window to the Amazon Redshift engine that is running on the cluster | `bool` | `false` | no |
-| [attributes](#input\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,
in the order they appear in the list. New attributes are appended to the
end of the list. The elements of the list are joined by the `delimiter`
and treated as a single ID element. | `list(string)` | `[]` | no |
-| [cluster\_type](#input\_cluster\_type) | The cluster type to use. Either `single-node` or `multi-node` | `string` | `"single-node"` | no |
-| [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | {
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"descriptor_formats": {},
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_key_case": null,
"label_order": [],
"label_value_case": null,
"labels_as_tags": [
"unset"
],
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {},
"tenant": null
}
| no |
-| [custom\_sg\_allow\_all\_egress](#input\_custom\_sg\_allow\_all\_egress) | Whether to allow all egress traffic or not | `bool` | `true` | no |
-| [custom\_sg\_enabled](#input\_custom\_sg\_enabled) | Whether to use custom security group or not | `bool` | `false` | no |
-| [custom\_sg\_rules](#input\_custom\_sg\_rules) | An array of custom security groups to create and assign to the cluster. | list(object({
key = string
type = string
from_port = number
to_port = number
protocol = string
cidr_blocks = list(string)
description = string
}))
| `[]` | no |
-| [database\_name](#input\_database\_name) | The name of the first database to be created when the cluster is created | `string` | `null` | no |
-| [delimiter](#input\_delimiter) | Delimiter to be used between ID elements.
Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
-| [descriptor\_formats](#input\_descriptor\_formats) | Describe additional descriptors to be output in the `descriptors` output map.
Map of maps. Keys are names of descriptors. Values are maps of the form
`{
format = string
labels = list(string)
}`
(Type is `any` so the map values can later be enhanced to provide additional options.)
`format` is a Terraform format string to be passed to the `format()` function.
`labels` is a list of labels, in order, to pass to `format()` function.
Label values will be normalized before being passed to `format()` so they will be
identical to how they appear in `id`.
Default is `{}` (`descriptors` output will be empty). | `any` | `{}` | no |
-| [enabled](#input\_enabled) | Set to false to prevent the module from creating any resources | `bool` | `null` | no |
-| [engine\_version](#input\_engine\_version) | The version of the Amazon Redshift engine to use. See https://docs.aws.amazon.com/redshift/latest/mgmt/cluster-versions.html | `string` | `"1.0"` | no |
-| [environment](#input\_environment) | ID element. Usually used for region e.g. 'uw2', 'us-west-2', OR role 'prod', 'staging', 'dev', 'UAT' | `string` | `null` | no |
-| [id\_length\_limit](#input\_id\_length\_limit) | Limit `id` to this many characters (minimum 6).
Set to `0` for unlimited length.
Set to `null` for keep the existing setting, which defaults to `0`.
Does not affect `id_full`. | `number` | `null` | no |
-| [kms\_alias\_name\_ssm](#input\_kms\_alias\_name\_ssm) | KMS alias name for SSM | `string` | `"alias/aws/ssm"` | no |
-| [label\_key\_case](#input\_label\_key\_case) | Controls the letter case of the `tags` keys (label names) for tags generated by this module.
Does not affect keys of tags passed in via the `tags` input.
Possible values: `lower`, `title`, `upper`.
Default value: `title`. | `string` | `null` | no |
-| [label\_order](#input\_label\_order) | The order in which the labels (ID elements) appear in the `id`.
Defaults to ["namespace", "environment", "stage", "name", "attributes"].
You can omit any of the 6 labels ("tenant" is the 6th), but at least one must be present. | `list(string)` | `null` | no |
-| [label\_value\_case](#input\_label\_value\_case) | Controls the letter case of ID elements (labels) as included in `id`,
set as tag values, and output by this module individually.
Does not affect values of tags passed in via the `tags` input.
Possible values: `lower`, `title`, `upper` and `none` (no transformation).
Set this to `title` and set `delimiter` to `""` to yield Pascal Case IDs.
Default value: `lower`. | `string` | `null` | no |
-| [labels\_as\_tags](#input\_labels\_as\_tags) | Set of labels (ID elements) to include as tags in the `tags` output.
Default is to include all labels.
Tags with empty values will not be included in the `tags` output.
Set to `[]` to suppress all generated tags.
**Notes:**
The value of the `name` tag, if included, will be the `id`, not the `name`.
Unlike other `null-label` inputs, the initial setting of `labels_as_tags` cannot be
changed in later chained modules. Attempts to change it will be silently ignored. | `set(string)` | [
"default"
]
| no |
-| [name](#input\_name) | ID element. Usually the component or solution name, e.g. 'app' or 'jenkins'.
This is the only ID element not also included as a `tag`.
The "name" tag is set to the full `id` string. There is no tag with the value of the `name` input. | `string` | `null` | no |
-| [namespace](#input\_namespace) | ID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp', to help ensure generated IDs are globally unique | `string` | `null` | no |
-| [node\_type](#input\_node\_type) | The node type to be provisioned for the cluster. See https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#working-with-clusters-overview | `string` | `"dc2.large"` | no |
-| [number\_of\_nodes](#input\_number\_of\_nodes) | The number of compute nodes in the cluster. This parameter is required when the ClusterType parameter is specified as multi-node | `number` | `1` | no |
-| [port](#input\_port) | The port number on which the cluster accepts incoming connections | `number` | `5439` | no |
-| [publicly\_accessible](#input\_publicly\_accessible) | If true, the cluster can be accessed from a public network | `bool` | `false` | no |
-| [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.
Characters matching the regex will be removed from the ID elements.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no |
-| [region](#input\_region) | AWS region | `string` | n/a | yes |
-| [security\_group\_ids](#input\_security\_group\_ids) | An array of security group IDs to associate with the endpoint. | `list(string)` | `null` | no |
-| [ssm\_enabled](#input\_ssm\_enabled) | If `true` create SSM keys for the database user and password. | `bool` | `false` | no |
-| [ssm\_key\_format](#input\_ssm\_key\_format) | SSM path format. The values will will be used in the following order: `var.ssm_key_prefix`, `var.name`, `var.ssm_key_*` | `string` | `"/%v/%v/%v"` | no |
-| [ssm\_key\_hostname](#input\_ssm\_key\_hostname) | The SSM key to save the hostname. See `var.ssm_path_format`. | `string` | `"admin/db_hostname"` | no |
-| [ssm\_key\_password](#input\_ssm\_key\_password) | The SSM key to save the password. See `var.ssm_path_format`. | `string` | `"admin/db_password"` | no |
-| [ssm\_key\_port](#input\_ssm\_key\_port) | The SSM key to save the port. See `var.ssm_path_format`. | `string` | `"admin/db_port"` | no |
-| [ssm\_key\_prefix](#input\_ssm\_key\_prefix) | SSM path prefix. Omit the leading forward slash `/`. | `string` | `"redshift"` | no |
-| [ssm\_key\_user](#input\_ssm\_key\_user) | The SSM key to save the user. See `var.ssm_path_format`. | `string` | `"admin/db_user"` | no |
-| [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no |
-| [tags](#input\_tags) | Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`).
Neither the tag keys nor the tag values will be modified by this module. | `map(string)` | `{}` | no |
-| [tenant](#input\_tenant) | ID element \_(Rarely used, not included by default)\_. A customer identifier, indicating who this instance of a resource is for | `string` | `null` | no |
-| [use\_private\_subnets](#input\_use\_private\_subnets) | Whether to use private or public subnets for the Redshift cluster | `bool` | `true` | no |
-
-## Outputs
-
-| Name | Description |
-|------|-------------|
-| [arn](#output\_arn) | Amazon Resource Name (ARN) of cluster |
-| [cluster\_identifier](#output\_cluster\_identifier) | The Cluster Identifier |
-| [cluster\_security\_groups](#output\_cluster\_security\_groups) | The security groups associated with the cluster |
-| [database\_name](#output\_database\_name) | The name of the default database in the Cluster |
-| [dns\_name](#output\_dns\_name) | The DNS name of the cluster |
-| [endpoint](#output\_endpoint) | The connection endpoint |
-| [id](#output\_id) | The Redshift Cluster ID |
-| [port](#output\_port) | The Port the cluster responds on |
-| [redshift\_database\_ssm\_key\_prefix](#output\_redshift\_database\_ssm\_key\_prefix) | SSM prefix |
-| [vpc\_security\_group\_ids](#output\_vpc\_security\_group\_ids) | The VPC security group IDs associated with the cluster |
-
-
-
-## References
-
-- [cloudposse/terraform-aws-components](https://github.com/cloudposse/terraform-aws-components/tree/main/modules/redshift) -
- Cloud Posse's upstream component
-
-[](https://cpco.io/component)
diff --git a/test/README.md b/test/README.md
new file mode 100644
index 0000000..f8ee514
--- /dev/null
+++ b/test/README.md
@@ -0,0 +1,3 @@
+# Test
+
+placeholder
diff --git a/test/run.sh b/test/run.sh
new file mode 100755
index 0000000..15e077f
--- /dev/null
+++ b/test/run.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+echo "hello tests"
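Review bot: `test/run.sh` only prints a message, so it always exits 0 and any job that calls it reports success without exercising the component. Whether CI invokes it is not visible in this diff. Until real tests exist, mark the script as a stub with a comment such as `# placeholder: no tests are executed yet`. Adding `set -euo pipefail` after the shebang would also stop later test commands from failing silently.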