awscdkredshiftalpha

package module
v2.111.0-alpha.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 27, 2023 License: Apache-2.0 Imports: 12 Imported by: 1

README

Amazon Redshift Construct Library

---

The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the Semantic Versioning model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.


Starting a Redshift Cluster Database

To set up a Redshift cluster, define a Cluster. It will be launched in a VPC. You can specify a VPC, otherwise one will be created. The nodes are always launched in private subnets and are encrypted by default.

import ec2 "github.com/aws/aws-cdk-go/awscdk"


vpc := ec2.NewVpc(this, jsii.String("Vpc"))
cluster := awscdkredshiftalpha.NewCluster(this, jsii.String("Redshift"), &ClusterProps{
	MasterUser: &Login{
		MasterUsername: jsii.String("admin"),
	},
	Vpc: Vpc,
})

By default, the master password will be generated and stored in AWS Secrets Manager.

A default database named default_db will be created in the cluster. To change the name of this database set the defaultDatabaseName attribute in the constructor properties.

By default, the cluster will not be publicly accessible. Depending on your use case, you can make the cluster publicly accessible with the publiclyAccessible property.

Adding a logging bucket for database audit logging to S3

Amazon Redshift logs information about connections and user activities in your database. These logs help you to monitor the database for security and troubleshooting purposes, a process called database auditing. To send these logs to an S3 bucket, specify the loggingProperties when creating a new cluster.

import ec2 "github.com/aws/aws-cdk-go/awscdk"
import s3 "github.com/aws/aws-cdk-go/awscdk"


vpc := ec2.NewVpc(this, jsii.String("Vpc"))
bucket := s3.Bucket_FromBucketName(this, jsii.String("bucket"), jsii.String("logging-bucket"))

cluster := awscdkredshiftalpha.NewCluster(this, jsii.String("Redshift"), &ClusterProps{
	MasterUser: &Login{
		MasterUsername: jsii.String("admin"),
	},
	Vpc: Vpc,
	LoggingProperties: &LoggingProperties{
		LoggingBucket: bucket,
		LoggingKeyPrefix: jsii.String("prefix"),
	},
})

Connecting

To control who can access the cluster, use the .connections attribute. Redshift Clusters have a default port, so you don't need to specify the port:

cluster.Connections.AllowDefaultPortFromAnyIpv4(jsii.String("Open to the world"))

The endpoint to access your database cluster will be available as the .clusterEndpoint attribute:

cluster.ClusterEndpoint.SocketAddress

Database Resources

This module allows for the creation of non-CloudFormation database resources such as users and tables. This allows you to manage identities, permissions, and stateful resources within your Redshift cluster from your CDK application.

Because these resources are not available in CloudFormation, this library leverages custom resources to manage them. In addition to the IAM permissions required to make Redshift service calls, the execution role for the custom resource handler requires database credentials to create resources within the cluster.

These database credentials can be supplied explicitly through the adminUser properties of the various database resource constructs. Alternatively, the credentials can be automatically pulled from the Redshift cluster's default administrator credentials. However, this option is only available if the password for the credentials was generated by the CDK application (ie., no value vas provided for the masterPassword property of Cluster.masterUser).

Creating Users

Create a user within a Redshift cluster database by instantiating a User construct. This will generate a username and password, store the credentials in a AWS Secrets Manager Secret, and make a query to the Redshift cluster to create a new database user with the credentials.

awscdkredshiftalpha.NewUser(this, jsii.String("User"), &UserProps{
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})

By default, the user credentials are encrypted with your AWS account's default Secrets Manager encryption key. You can specify the encryption key used for this purpose by supplying a key in the encryptionKey property.

import kms "github.com/aws/aws-cdk-go/awscdk"


encryptionKey := kms.NewKey(this, jsii.String("Key"))
awscdkredshiftalpha.NewUser(this, jsii.String("User"), &UserProps{
	EncryptionKey: encryptionKey,
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})

By default, a username is automatically generated from the user construct ID and its path in the construct tree. You can specify a particular username by providing a value for the username property. Usernames must be valid identifiers; see: Names and identifiers in the Amazon Redshift Database Developer Guide.

awscdkredshiftalpha.NewUser(this, jsii.String("User"), &UserProps{
	Username: jsii.String("myuser"),
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})

The user password is generated by AWS Secrets Manager using the default configuration found in secretsmanager.SecretStringGenerator, except with password length 30 and some SQL-incompliant characters excluded. The plaintext for the password will never be present in the CDK application; instead, a CloudFormation Dynamic Reference will be used wherever the password value is required.

Creating Tables

Create a table within a Redshift cluster database by instantiating a Table construct. This will make a query to the Redshift cluster to create a new database table with the supplied schema.

awscdkredshiftalpha.NewTable(this, jsii.String("Table"), &TableProps{
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
		},
	},
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})

The table can be configured to have distStyle attribute and a distKey column:

awscdkredshiftalpha.NewTable(this, jsii.String("Table"), &TableProps{
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
			DistKey: jsii.Boolean(true),
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
		},
	},
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
	DistStyle: awscdkredshiftalpha.TableDistStyle_KEY,
})

The table can also be configured to have sortStyle attribute and sortKey columns:

awscdkredshiftalpha.NewTable(this, jsii.String("Table"), &TableProps{
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
			SortKey: jsii.Boolean(true),
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
			SortKey: jsii.Boolean(true),
		},
	},
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
	SortStyle: awscdkredshiftalpha.TableSortStyle_COMPOUND,
})

Tables and their respective columns can be configured to contain comments:

awscdkredshiftalpha.NewTable(this, jsii.String("Table"), &TableProps{
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
			Comment: jsii.String("This is a column comment"),
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
			Comment: jsii.String("This is a another column comment"),
		},
	},
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
	TableComment: jsii.String("This is a table comment"),
})

Table columns can be configured to use a specific compression encoding:

import "github.com/aws/aws-cdk-go/awscdkredshiftalpha"


awscdkredshiftalpha.NewTable(this, jsii.String("Table"), &TableProps{
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
			Encoding: awscdkredshiftalpha.ColumnEncoding_TEXT32K,
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
			Encoding: awscdkredshiftalpha.ColumnEncoding_DELTA32K,
		},
	},
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})

Table columns can also contain an id attribute, which can allow table columns to be renamed.

NOTE To use the id attribute, you must also enable the @aws-cdk/aws-redshift:columnId feature flag.

awscdkredshiftalpha.NewTable(this, jsii.String("Table"), &TableProps{
	TableColumns: []column{
		&column{
			Id: jsii.String("col1"),
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
		},
		&column{
			Id: jsii.String("col2"),
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
		},
	},
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})
Granting Privileges

You can give a user privileges to perform certain actions on a table by using the Table.grant() method.

user := awscdkredshiftalpha.NewUser(this, jsii.String("User"), &UserProps{
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})
table := awscdkredshiftalpha.NewTable(this, jsii.String("Table"), &TableProps{
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
		},
	},
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})

table.grant(user, awscdkredshiftalpha.TableAction_DROP, awscdkredshiftalpha.TableAction_SELECT)

Take care when managing privileges via the CDK, as attempting to manage a user's privileges on the same table in multiple CDK applications could lead to accidentally overriding these permissions. Consider the following two CDK applications which both refer to the same user and table. In application 1, the resources are created and the user is given INSERT permissions on the table:

databaseName := "databaseName"
username := "myuser"
tableName := "mytable"

user := awscdkredshiftalpha.NewUser(this, jsii.String("User"), &UserProps{
	Username: username,
	Cluster: cluster,
	DatabaseName: databaseName,
})
table := awscdkredshiftalpha.NewTable(this, jsii.String("Table"), &TableProps{
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
		},
	},
	Cluster: cluster,
	DatabaseName: databaseName,
})
table.grant(user, awscdkredshiftalpha.TableAction_INSERT)

In application 2, the resources are imported and the user is given INSERT permissions on the table:

databaseName := "databaseName"
username := "myuser"
tableName := "mytable"

user := awscdkredshiftalpha.User_FromUserAttributes(this, jsii.String("User"), &UserAttributes{
	Username: username,
	Password: awscdk.SecretValue_UnsafePlainText(jsii.String("NOT_FOR_PRODUCTION")),
	Cluster: cluster,
	DatabaseName: databaseName,
})
table := awscdkredshiftalpha.Table_FromTableAttributes(this, jsii.String("Table"), &TableAttributes{
	TableName: tableName,
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
		},
	},
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})
table.Grant(user, awscdkredshiftalpha.TableAction_INSERT)

Both applications attempt to grant the user the appropriate privilege on the table by submitting a GRANT USER SQL query to the Redshift cluster. Note that the latter of these two calls will have no effect since the user has already been granted the privilege.

Now, if application 1 were to remove the call to grant, a REVOKE USER SQL query is submitted to the Redshift cluster. In general, application 1 does not know that application 2 has also granted this permission and thus cannot decide not to issue the revocation. This leads to the undesirable state where application 2 still contains the call to grant but the user does not have the specified permission.

Note that this does not occur when duplicate privileges are granted within the same application, as such privileges are de-duplicated before any SQL query is submitted.

Rotating credentials

When the master password is generated and stored in AWS Secrets Manager, it can be rotated automatically:

cluster.AddRotationSingleUser()

The multi user rotation scheme is also available:

user := awscdkredshiftalpha.NewUser(this, jsii.String("User"), &UserProps{
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})
cluster.AddRotationMultiUser(jsii.String("MultiUserRotation"), &RotationMultiUserOptions{
	Secret: user.Secret,
})

Adding Parameters

You can add a parameter to a parameter group withClusterParameterGroup.addParameter().

import "github.com/aws/aws-cdk-go/awscdkredshiftalpha"


params := awscdkredshiftalpha.NewClusterParameterGroup(this, jsii.String("Params"), &ClusterParameterGroupProps{
	Description: jsii.String("desc"),
	Parameters: map[string]*string{
		"require_ssl": jsii.String("true"),
	},
})

params.AddParameter(jsii.String("enable_user_activity_logging"), jsii.String("true"))

Additionally, you can add a parameter to the cluster's associated parameter group with Cluster.addToParameterGroup(). If the cluster does not have an associated parameter group, a new parameter group is created.

import ec2 "github.com/aws/aws-cdk-go/awscdk"
import cdk "github.com/aws/aws-cdk-go/awscdk"
var vpc vpc


cluster := awscdkredshiftalpha.NewCluster(this, jsii.String("Cluster"), &ClusterProps{
	MasterUser: &Login{
		MasterUsername: jsii.String("admin"),
		MasterPassword: cdk.SecretValue_UnsafePlainText(jsii.String("tooshort")),
	},
	Vpc: Vpc,
})

cluster.AddToParameterGroup(jsii.String("enable_user_activity_logging"), jsii.String("true"))

Rebooting for Parameter Updates

In most cases, existing clusters must be manually rebooted to apply parameter changes. You can automate parameter related reboots by setting the cluster's rebootForParameterChanges property to true , or by using Cluster.enableRebootForParameterChanges().

import ec2 "github.com/aws/aws-cdk-go/awscdk"
import cdk "github.com/aws/aws-cdk-go/awscdk"
var vpc vpc


cluster := awscdkredshiftalpha.NewCluster(this, jsii.String("Cluster"), &ClusterProps{
	MasterUser: &Login{
		MasterUsername: jsii.String("admin"),
		MasterPassword: cdk.SecretValue_UnsafePlainText(jsii.String("tooshort")),
	},
	Vpc: Vpc,
})

cluster.AddToParameterGroup(jsii.String("enable_user_activity_logging"), jsii.String("true"))
cluster.EnableRebootForParameterChanges()

Elastic IP

If you configure your cluster to be publicly accessible, you can optionally select an elastic IP address to use for the external IP address. An elastic IP address is a static IP address that is associated with your AWS account. You can use an elastic IP address to connect to your cluster from outside the VPC. An elastic IP address gives you the ability to change your underlying configuration without affecting the IP address that clients use to connect to your cluster. This approach can be helpful for situations such as recovery after a failure.

import ec2 "github.com/aws/aws-cdk-go/awscdk"
import cdk "github.com/aws/aws-cdk-go/awscdk"
var vpc vpc


awscdkredshiftalpha.NewCluster(this, jsii.String("Redshift"), &ClusterProps{
	MasterUser: &Login{
		MasterUsername: jsii.String("admin"),
		MasterPassword: cdk.SecretValue_UnsafePlainText(jsii.String("tooshort")),
	},
	Vpc: Vpc,
	PubliclyAccessible: jsii.Boolean(true),
	ElasticIp: jsii.String("10.123.123.255"),
})

If the Cluster is in a VPC and you want to connect to it using the private IP address from within the cluster, it is important to enable DNS resolution and DNS hostnames in the VPC config. If these parameters would not be set, connections from within the VPC would connect to the elastic IP address and not the private IP address.

import ec2 "github.com/aws/aws-cdk-go/awscdk"

vpc := ec2.NewVpc(this, jsii.String("VPC"), &VpcProps{
	EnableDnsSupport: jsii.Boolean(true),
	EnableDnsHostnames: jsii.Boolean(true),
})

Note that if there is already an existing, public accessible Cluster, which VPC configuration is changed to use DNS hostnames and DNS resolution, connections still use the elastic IP address until the cluster is resized.

Elastic IP vs. Cluster node public IP

The elastic IP address is an external IP address for accessing the cluster outside of a VPC. It's not related to the cluster node public IP addresses and private IP addresses that are accessible via the clusterEndpoint property. The public and private cluster node IP addresses appear regardless of whether the cluster is publicly accessible or not. They are used only in certain circumstances to configure ingress rules on the remote host. These circumstances occur when you load data from an Amazon EC2 instance or other remote host using a Secure Shell (SSH) connection.

Attach Elastic IP after Cluster creation

In some cases, you might want to associate the cluster with an elastic IP address or change an elastic IP address that is associated with the cluster. To attach an elastic IP address after the cluster is created, first update the cluster so that it is not publicly accessible, then make it both publicly accessible and add an Elastic IP address in the same operation.

Enhanced VPC Routing

When you use Amazon Redshift enhanced VPC routing, Amazon Redshift forces all COPY and UNLOAD traffic between your cluster and your data repositories through your virtual private cloud (VPC) based on the Amazon VPC service. By using enhanced VPC routing, you can use standard VPC features, such as VPC security groups, network access control lists (ACLs), VPC endpoints, VPC endpoint policies, internet gateways, and Domain Name System (DNS) servers, as described in the Amazon VPC User Guide. You use these features to tightly manage the flow of data between your Amazon Redshift cluster and other resources. When you use enhanced VPC routing to route traffic through your VPC, you can also use VPC flow logs to monitor COPY and UNLOAD traffic.

import ec2 "github.com/aws/aws-cdk-go/awscdk"
import cdk "github.com/aws/aws-cdk-go/awscdk"
var vpc vpc


awscdkredshiftalpha.NewCluster(this, jsii.String("Redshift"), &ClusterProps{
	MasterUser: &Login{
		MasterUsername: jsii.String("admin"),
		MasterPassword: cdk.SecretValue_UnsafePlainText(jsii.String("tooshort")),
	},
	Vpc: Vpc,
	EnhancedVpcRouting: jsii.Boolean(true),
})

If enhanced VPC routing is not enabled, Amazon Redshift routes traffic through the internet, including traffic to other services within the AWS network.

Default IAM role

Some Amazon Redshift features require Amazon Redshift to access other AWS services on your behalf. For your Amazon Redshift clusters to act on your behalf, you supply security credentials to your clusters. The preferred method to supply security credentials is to specify an AWS Identity and Access Management (IAM) role.

When you create an IAM role and set it as the default for the cluster using console, you don't have to provide the IAM role's Amazon Resource Name (ARN) to perform authentication and authorization.

import ec2 "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var vpc vpc


defaultRole := iam.NewRole(this, jsii.String("DefaultRole"), &RoleProps{
	AssumedBy: iam.NewServicePrincipal(jsii.String("redshift.amazonaws.com")),
})

awscdkredshiftalpha.NewCluster(this, jsii.String("Redshift"), &ClusterProps{
	MasterUser: &Login{
		MasterUsername: jsii.String("admin"),
	},
	Vpc: Vpc,
	Roles: []iRole{
		defaultRole,
	},
	DefaultRole: defaultRole,
})

A default role can also be added to a cluster using the addDefaultIamRole method.

import ec2 "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var vpc vpc


defaultRole := iam.NewRole(this, jsii.String("DefaultRole"), &RoleProps{
	AssumedBy: iam.NewServicePrincipal(jsii.String("redshift.amazonaws.com")),
})

redshiftCluster := awscdkredshiftalpha.NewCluster(this, jsii.String("Redshift"), &ClusterProps{
	MasterUser: &Login{
		MasterUsername: jsii.String("admin"),
	},
	Vpc: Vpc,
	Roles: []iRole{
		defaultRole,
	},
})

redshiftCluster.AddDefaultIamRole(defaultRole)

IAM roles

Attaching IAM roles to a Redshift Cluster grants permissions to the Redshift service to perform actions on your behalf.

import ec2 "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var vpc vpc


role := iam.NewRole(this, jsii.String("Role"), &RoleProps{
	AssumedBy: iam.NewServicePrincipal(jsii.String("redshift.amazonaws.com")),
})
cluster := awscdkredshiftalpha.NewCluster(this, jsii.String("Redshift"), &ClusterProps{
	MasterUser: &Login{
		MasterUsername: jsii.String("admin"),
	},
	Vpc: Vpc,
	Roles: []iRole{
		role,
	},
})

Additional IAM roles can be attached to a cluster using the addIamRole method.

import ec2 "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var vpc vpc


role := iam.NewRole(this, jsii.String("Role"), &RoleProps{
	AssumedBy: iam.NewServicePrincipal(jsii.String("redshift.amazonaws.com")),
})
cluster := awscdkredshiftalpha.NewCluster(this, jsii.String("Redshift"), &ClusterProps{
	MasterUser: &Login{
		MasterUsername: jsii.String("admin"),
	},
	Vpc: Vpc,
})
cluster.AddIamRole(role)

Resizing

As your data warehousing needs change, it's possible to resize your Redshift cluster. If the cluster was deployed via CDK, it's important to resize it via CDK so the change is registered in the AWS CloudFormation template. There are two types of resize operations:

  • Elastic resize - Number of nodes and node type can be changed, but not at the same time. Elastic resize is the default behavior, as it's a fast operation and typically completes in minutes. Elastic resize is only supported on clusters of the following types:

    • dc1.large (if your cluster is in a VPC)
    • dc1.8xlarge (if your cluster is in a VPC)
    • dc2.large
    • dc2.8xlarge
    • ds2.xlarge
    • ds2.8xlarge
    • ra3.xlplus
    • ra3.4xlarge
    • ra3.16xlarge
  • Classic resize - Number of nodes, node type, or both, can be changed. This operation takes longer to complete, but is useful when the resize operation doesn't meet the criteria of an elastic resize. If you prefer classic resizing, you can set the classicResizing flag when creating the cluster.

There are other constraints to be aware of, for example, elastic resizing does not support single-node clusters and there are limits on the number of nodes you can add to a cluster. See the AWS Redshift Documentation and AWS API Documentation for more details.

Documentation

Overview

The CDK Construct Library for AWS::Redshift

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ClusterParameterGroup_IsConstruct

func ClusterParameterGroup_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`. Experimental.

func ClusterParameterGroup_IsOwnedResource

func ClusterParameterGroup_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise. Experimental.

func ClusterParameterGroup_IsResource

func ClusterParameterGroup_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func ClusterSubnetGroup_IsConstruct

func ClusterSubnetGroup_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`. Experimental.

func ClusterSubnetGroup_IsOwnedResource

func ClusterSubnetGroup_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise. Experimental.

func ClusterSubnetGroup_IsResource

func ClusterSubnetGroup_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func Cluster_IsConstruct

func Cluster_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`. Experimental.

func Cluster_IsOwnedResource

func Cluster_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise. Experimental.

func Cluster_IsResource

func Cluster_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func DatabaseSecret_FromSecretAttributes

func DatabaseSecret_FromSecretAttributes(scope constructs.Construct, id *string, attrs *awssecretsmanager.SecretAttributes) awssecretsmanager.ISecret

Import an existing secret into the Stack. Experimental.

func DatabaseSecret_FromSecretCompleteArn

func DatabaseSecret_FromSecretCompleteArn(scope constructs.Construct, id *string, secretCompleteArn *string) awssecretsmanager.ISecret

Imports a secret by complete ARN.

The complete ARN is the ARN with the Secrets Manager-supplied suffix. Experimental.

func DatabaseSecret_FromSecretNameV2

func DatabaseSecret_FromSecretNameV2(scope constructs.Construct, id *string, secretName *string) awssecretsmanager.ISecret

Imports a secret by secret name.

A secret with this name must exist in the same account & region. Replaces the deprecated `fromSecretName`. Please note this method returns ISecret that only contains partial ARN and could lead to AccessDeniedException when you pass the partial ARN to CLI or SDK to get the secret value. If your secret name ends with a hyphen and 6 characters, you should always use fromSecretCompleteArn() to avoid potential AccessDeniedException. See: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen

Experimental.

func DatabaseSecret_FromSecretPartialArn

func DatabaseSecret_FromSecretPartialArn(scope constructs.Construct, id *string, secretPartialArn *string) awssecretsmanager.ISecret

Imports a secret by partial ARN.

The partial ARN is the ARN without the Secrets Manager-supplied suffix. Experimental.

func DatabaseSecret_IsConstruct

func DatabaseSecret_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`. Experimental.

func DatabaseSecret_IsOwnedResource

func DatabaseSecret_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise. Experimental.

func DatabaseSecret_IsResource

func DatabaseSecret_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func DatabaseSecret_IsSecret

func DatabaseSecret_IsSecret(x interface{}) *bool

Return whether the given object is a Secret. Experimental.

func NewClusterParameterGroup_Override

func NewClusterParameterGroup_Override(c ClusterParameterGroup, scope constructs.Construct, id *string, props *ClusterParameterGroupProps)

Experimental.

func NewClusterSubnetGroup_Override

func NewClusterSubnetGroup_Override(c ClusterSubnetGroup, scope constructs.Construct, id *string, props *ClusterSubnetGroupProps)

Experimental.

func NewCluster_Override

func NewCluster_Override(c Cluster, scope constructs.Construct, id *string, props *ClusterProps)

Experimental.

func NewDatabaseSecret_Override

func NewDatabaseSecret_Override(d DatabaseSecret, scope constructs.Construct, id *string, props *DatabaseSecretProps)

Experimental.

func NewEndpoint_Override

func NewEndpoint_Override(e Endpoint, address *string, port *float64)

Experimental.

func NewTable_Override

func NewTable_Override(t Table, scope constructs.Construct, id *string, props *TableProps)

Experimental.

func NewUser_Override

func NewUser_Override(u User, scope constructs.Construct, id *string, props *UserProps)

Experimental.

func Table_IsConstruct

func Table_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`. Experimental.

func User_IsConstruct

func User_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`. Experimental.

Types

type Cluster

type Cluster interface {
	awscdk.Resource
	ICluster
	// The endpoint to use for read/write operations.
	// Experimental.
	ClusterEndpoint() Endpoint
	// Identifier of the cluster.
	// Experimental.
	ClusterName() *string
	// Access to the network connections.
	// Experimental.
	Connections() awsec2.Connections
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The tree node.
	// Experimental.
	Node() constructs.Node
	// The cluster's parameter group.
	// Experimental.
	ParameterGroup() IClusterParameterGroup
	// Experimental.
	SetParameterGroup(val IClusterParameterGroup)
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The secret attached to this cluster.
	// Experimental.
	Secret() awssecretsmanager.ISecret
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Adds default IAM role to cluster.
	//
	// The default IAM role must be already associated to the cluster to be added as the default role.
	// Experimental.
	AddDefaultIamRole(defaultIamRole awsiam.IRole)
	// Adds a role to the cluster.
	// Experimental.
	AddIamRole(role awsiam.IRole)
	// Adds the multi user rotation to this cluster.
	// Experimental.
	AddRotationMultiUser(id *string, options *RotationMultiUserOptions) awssecretsmanager.SecretRotation
	// Adds the single user rotation of the master password to this cluster.
	// Experimental.
	AddRotationSingleUser(automaticallyAfter awscdk.Duration) awssecretsmanager.SecretRotation
	// Adds a parameter to the Clusters' parameter group.
	// Experimental.
	AddToParameterGroup(name *string, value *string)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Renders the secret attachment target specifications.
	// Experimental.
	AsSecretAttachmentTarget() *awssecretsmanager.SecretAttachmentTargetProps
	// Enables automatic cluster rebooting when changes to the cluster's parameter group require a restart to apply.
	// Experimental.
	EnableRebootForParameterChanges()
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
}

Create a Redshift cluster a given number of nodes.

Example:

import ec2 "github.com/aws/aws-cdk-go/awscdk"
import cdk "github.com/aws/aws-cdk-go/awscdk"
var vpc vpc

cluster := awscdkredshiftalpha.NewCluster(this, jsii.String("Cluster"), &ClusterProps{
	MasterUser: &Login{
		MasterUsername: jsii.String("admin"),
		MasterPassword: cdk.SecretValue_UnsafePlainText(jsii.String("tooshort")),
	},
	Vpc: Vpc,
})

cluster.AddToParameterGroup(jsii.String("enable_user_activity_logging"), jsii.String("true"))

Experimental.

func NewCluster

func NewCluster(scope constructs.Construct, id *string, props *ClusterProps) Cluster

Experimental.

type ClusterAttributes

type ClusterAttributes struct {
	// Cluster endpoint address.
	// Experimental.
	ClusterEndpointAddress *string `field:"required" json:"clusterEndpointAddress" yaml:"clusterEndpointAddress"`
	// Cluster endpoint port.
	// Experimental.
	ClusterEndpointPort *float64 `field:"required" json:"clusterEndpointPort" yaml:"clusterEndpointPort"`
	// Identifier for the cluster.
	// Experimental.
	ClusterName *string `field:"required" json:"clusterName" yaml:"clusterName"`
	// The security groups of the redshift cluster.
	// Default: no security groups will be attached to the import.
	//
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
}

Properties that describe an existing cluster instance.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import redshift_alpha "github.com/aws/aws-cdk-go/awscdkredshiftalpha"
import "github.com/aws/aws-cdk-go/awscdk"

var securityGroup securityGroup

clusterAttributes := &ClusterAttributes{
	ClusterEndpointAddress: jsii.String("clusterEndpointAddress"),
	ClusterEndpointPort: jsii.Number(123),
	ClusterName: jsii.String("clusterName"),

	// the properties below are optional
	SecurityGroups: []iSecurityGroup{
		securityGroup,
	},
}

Experimental.

type ClusterParameterGroup

type ClusterParameterGroup interface {
	awscdk.Resource
	IClusterParameterGroup
	// The name of the parameter group.
	// Experimental.
	ClusterParameterGroupName() *string
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The tree node.
	// Experimental.
	Node() constructs.Node
	// The parameters in the parameter group.
	// Experimental.
	Parameters() *map[string]*string
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Adds a parameter to the parameter group.
	// Experimental.
	AddParameter(name *string, value *string)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
}

A cluster parameter group.

Example:

import "github.com/aws/aws-cdk-go/awscdkredshiftalpha"

params := awscdkredshiftalpha.NewClusterParameterGroup(this, jsii.String("Params"), &ClusterParameterGroupProps{
	Description: jsii.String("desc"),
	Parameters: map[string]*string{
		"require_ssl": jsii.String("true"),
	},
})

params.AddParameter(jsii.String("enable_user_activity_logging"), jsii.String("true"))

Experimental.

func NewClusterParameterGroup

func NewClusterParameterGroup(scope constructs.Construct, id *string, props *ClusterParameterGroupProps) ClusterParameterGroup

Experimental.

type ClusterParameterGroupProps

type ClusterParameterGroupProps struct {
	// The parameters in this parameter group.
	// Experimental.
	Parameters *map[string]*string `field:"required" json:"parameters" yaml:"parameters"`
	// Description for this parameter group.
	// Default: a CDK generated description.
	//
	// Experimental.
	Description *string `field:"optional" json:"description" yaml:"description"`
}

Properties for a parameter group.

Example:

import "github.com/aws/aws-cdk-go/awscdkredshiftalpha"

params := awscdkredshiftalpha.NewClusterParameterGroup(this, jsii.String("Params"), &ClusterParameterGroupProps{
	Description: jsii.String("desc"),
	Parameters: map[string]*string{
		"require_ssl": jsii.String("true"),
	},
})

params.AddParameter(jsii.String("enable_user_activity_logging"), jsii.String("true"))

Experimental.

type ClusterProps

type ClusterProps struct {
	// Username and password for the administrative user.
	// Experimental.
	MasterUser *Login `field:"required" json:"masterUser" yaml:"masterUser"`
	// The VPC to place the cluster in.
	// Experimental.
	Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"`
	// If this flag is set, the cluster resizing type will be set to classic.
	//
	// When resizing a cluster, classic resizing will always provision a new cluster and transfer the data there.
	//
	// Classic resize takes more time to complete, but it can be useful in cases where the change in node count or
	// the node type to migrate to doesn't fall within the bounds for elastic resize.
	// See: https://docs.aws.amazon.com/redshift/latest/mgmt/managing-cluster-operations.html#elastic-resize
	//
	// Default: - Elastic resize type.
	//
	// Experimental.
	ClassicResizing *bool `field:"optional" json:"classicResizing" yaml:"classicResizing"`
	// An optional identifier for the cluster.
	// Default: - A name is automatically generated.
	//
	// Experimental.
	ClusterName *string `field:"optional" json:"clusterName" yaml:"clusterName"`
	// Settings for the individual instances that are launched.
	// Default: `ClusterType.MULTI_NODE`
	//
	// Experimental.
	ClusterType ClusterType `field:"optional" json:"clusterType" yaml:"clusterType"`
	// Name of a database which is automatically created inside the cluster.
	// Default: - default_db.
	//
	// Experimental.
	DefaultDatabaseName *string `field:"optional" json:"defaultDatabaseName" yaml:"defaultDatabaseName"`
	// A single AWS Identity and Access Management (IAM) role to be used as the default role for the cluster.
	//
	// The default role must be included in the roles list.
	// Default: - No default role is specified for the cluster.
	//
	// Experimental.
	DefaultRole awsiam.IRole `field:"optional" json:"defaultRole" yaml:"defaultRole"`
	// The Elastic IP (EIP) address for the cluster.
	// See: https://docs.aws.amazon.com/redshift/latest/mgmt/managing-clusters-vpc.html
	//
	// Default: - No Elastic IP.
	//
	// Experimental.
	ElasticIp *string `field:"optional" json:"elasticIp" yaml:"elasticIp"`
	// Whether to enable encryption of data at rest in the cluster.
	// Default: true.
	//
	// Experimental.
	Encrypted *bool `field:"optional" json:"encrypted" yaml:"encrypted"`
	// The KMS key to use for encryption of data at rest.
	// Default: - AWS-managed key, if encryption at rest is enabled.
	//
	// Experimental.
	EncryptionKey awskms.IKey `field:"optional" json:"encryptionKey" yaml:"encryptionKey"`
	// If this flag is set, Amazon Redshift forces all COPY and UNLOAD traffic between your cluster and your data repositories through your virtual private cloud (VPC).
	// See: https://docs.aws.amazon.com/redshift/latest/mgmt/enhanced-vpc-routing.html
	//
	// Default: - false.
	//
	// Experimental.
	EnhancedVpcRouting *bool `field:"optional" json:"enhancedVpcRouting" yaml:"enhancedVpcRouting"`
	// Bucket details for log files to be sent to, including prefix.
	// Default: - No logging bucket is used.
	//
	// Experimental.
	LoggingProperties *LoggingProperties `field:"optional" json:"loggingProperties" yaml:"loggingProperties"`
	// The node type to be provisioned for the cluster.
	// Default: `NodeType.DC2_LARGE`
	//
	// Experimental.
	NodeType NodeType `field:"optional" json:"nodeType" yaml:"nodeType"`
	// Number of compute nodes in the cluster. Only specify this property for multi-node clusters.
	//
	// Value must be at least 2 and no more than 100.
	// Default: - 2 if `clusterType` is ClusterType.MULTI_NODE, undefined otherwise
	//
	// Experimental.
	NumberOfNodes *float64 `field:"optional" json:"numberOfNodes" yaml:"numberOfNodes"`
	// Additional parameters to pass to the database engine https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html.
	// Default: - No parameter group.
	//
	// Experimental.
	ParameterGroup IClusterParameterGroup `field:"optional" json:"parameterGroup" yaml:"parameterGroup"`
	// What port to listen on.
	// Default: - The default for the engine is used.
	//
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// A preferred maintenance window day/time range. Should be specified as a range ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC).
	//
	// Example: 'Sun:23:45-Mon:00:15'.
	// See: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance
	//
	// Default: - 30-minute window selected at random from an 8-hour block of time for
	// each AWS Region, occurring on a random day of the week.
	//
	// Experimental.
	PreferredMaintenanceWindow *string `field:"optional" json:"preferredMaintenanceWindow" yaml:"preferredMaintenanceWindow"`
	// Whether to make cluster publicly accessible.
	// Default: false.
	//
	// Experimental.
	PubliclyAccessible *bool `field:"optional" json:"publiclyAccessible" yaml:"publiclyAccessible"`
	// If this flag is set, the cluster will be rebooted when changes to the cluster's parameter group that require a restart to apply.
	// Default: false.
	//
	// Experimental.
	RebootForParameterChanges *bool `field:"optional" json:"rebootForParameterChanges" yaml:"rebootForParameterChanges"`
	// The removal policy to apply when the cluster and its instances are removed from the stack or replaced during an update.
	// Default: RemovalPolicy.RETAIN
	//
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// A list of AWS Identity and Access Management (IAM) role that can be used by the cluster to access other AWS services.
	//
	// The maximum number of roles to attach to a cluster is subject to a quota.
	// Default: - No role is attached to the cluster.
	//
	// Experimental.
	Roles *[]awsiam.IRole `field:"optional" json:"roles" yaml:"roles"`
	// Security group.
	// Default: - a new security group is created.
	//
	// Experimental.
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// A cluster subnet group to use with this cluster.
	// Default: - a new subnet group will be created.
	//
	// Experimental.
	SubnetGroup IClusterSubnetGroup `field:"optional" json:"subnetGroup" yaml:"subnetGroup"`
	// Where to place the instances within the VPC.
	// Default: - private subnets.
	//
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
}

Properties for a new database cluster.

Example:

import ec2 "github.com/aws/aws-cdk-go/awscdk"
import cdk "github.com/aws/aws-cdk-go/awscdk"
var vpc vpc

cluster := awscdkredshiftalpha.NewCluster(this, jsii.String("Cluster"), &ClusterProps{
	MasterUser: &Login{
		MasterUsername: jsii.String("admin"),
		MasterPassword: cdk.SecretValue_UnsafePlainText(jsii.String("tooshort")),
	},
	Vpc: Vpc,
})

cluster.AddToParameterGroup(jsii.String("enable_user_activity_logging"), jsii.String("true"))

Experimental.

type ClusterSubnetGroup

type ClusterSubnetGroup interface {
	awscdk.Resource
	IClusterSubnetGroup
	// The name of the cluster subnet group.
	// Experimental.
	ClusterSubnetGroupName() *string
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The tree node.
	// Experimental.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
}

Class for creating a Redshift cluster subnet group.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import redshift_alpha "github.com/aws/aws-cdk-go/awscdkredshiftalpha"
import cdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var subnet subnet
var subnetFilter subnetFilter
var vpc vpc

clusterSubnetGroup := redshift_alpha.NewClusterSubnetGroup(this, jsii.String("MyClusterSubnetGroup"), &ClusterSubnetGroupProps{
	Description: jsii.String("description"),
	Vpc: vpc,

	// the properties below are optional
	RemovalPolicy: cdk.RemovalPolicy_DESTROY,
	VpcSubnets: &SubnetSelection{
		AvailabilityZones: []*string{
			jsii.String("availabilityZones"),
		},
		OnePerAz: jsii.Boolean(false),
		SubnetFilters: []*subnetFilter{
			subnetFilter,
		},
		SubnetGroupName: jsii.String("subnetGroupName"),
		Subnets: []iSubnet{
			subnet,
		},
		SubnetType: awscdk.Aws_ec2.SubnetType_PRIVATE_ISOLATED,
	},
})

Experimental.

func NewClusterSubnetGroup

func NewClusterSubnetGroup(scope constructs.Construct, id *string, props *ClusterSubnetGroupProps) ClusterSubnetGroup

Experimental.

type ClusterSubnetGroupProps

type ClusterSubnetGroupProps struct {
	// Description of the subnet group.
	// Experimental.
	Description *string `field:"required" json:"description" yaml:"description"`
	// The VPC to place the subnet group in.
	// Experimental.
	Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"`
	// The removal policy to apply when the subnet group are removed from the stack or replaced during an update.
	// Default: RemovalPolicy.RETAIN
	//
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// Which subnets within the VPC to associate with this group.
	// Default: - private subnets.
	//
	// Experimental.
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
}

Properties for creating a ClusterSubnetGroup.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import redshift_alpha "github.com/aws/aws-cdk-go/awscdkredshiftalpha"
import cdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var subnet subnet
var subnetFilter subnetFilter
var vpc vpc

clusterSubnetGroupProps := &ClusterSubnetGroupProps{
	Description: jsii.String("description"),
	Vpc: vpc,

	// the properties below are optional
	RemovalPolicy: cdk.RemovalPolicy_DESTROY,
	VpcSubnets: &SubnetSelection{
		AvailabilityZones: []*string{
			jsii.String("availabilityZones"),
		},
		OnePerAz: jsii.Boolean(false),
		SubnetFilters: []*subnetFilter{
			subnetFilter,
		},
		SubnetGroupName: jsii.String("subnetGroupName"),
		Subnets: []iSubnet{
			subnet,
		},
		SubnetType: awscdk.Aws_ec2.SubnetType_PRIVATE_ISOLATED,
	},
}

Experimental.

type ClusterType

type ClusterType string

What cluster type to use.

Used by `ClusterProps.clusterType` Experimental.

const (
	// single-node cluster, the `ClusterProps.numberOfNodes` parameter is not required.
	// Experimental.
	ClusterType_SINGLE_NODE ClusterType = "SINGLE_NODE"
	// multi-node cluster, set the amount of nodes using `ClusterProps.numberOfNodes` parameter.
	// Experimental.
	ClusterType_MULTI_NODE ClusterType = "MULTI_NODE"
)

type Column

type Column struct {
	// The data type of the column.
	// Experimental.
	DataType *string `field:"required" json:"dataType" yaml:"dataType"`
	// The name of the column.
	//
	// This will appear on Amazon Redshift.
	// Experimental.
	Name *string `field:"required" json:"name" yaml:"name"`
	// A comment to attach to the column.
	// Default: - no comment.
	//
	// Experimental.
	Comment *string `field:"optional" json:"comment" yaml:"comment"`
	// Boolean value that indicates whether the column is to be configured as DISTKEY.
	// Default: - column is not DISTKEY.
	//
	// Experimental.
	DistKey *bool `field:"optional" json:"distKey" yaml:"distKey"`
	// The encoding to use for the column.
	// Default: - Amazon Redshift determines the encoding based on the data type.
	//
	// Experimental.
	Encoding ColumnEncoding `field:"optional" json:"encoding" yaml:"encoding"`
	// The unique identifier of the column.
	//
	// This is not the name of the column, and renaming this identifier will cause a new column to be created and the old column to be dropped.
	//
	// **NOTE** - This field will be set, however, only by setting the `@aws-cdk/aws-redshift:columnId` feature flag will this field be used.
	// Default: - the column name is used as the identifier.
	//
	// Experimental.
	Id *string `field:"optional" json:"id" yaml:"id"`
	// Boolean value that indicates whether the column is to be configured as SORTKEY.
	// Default: - column is not a SORTKEY.
	//
	// Experimental.
	SortKey *bool `field:"optional" json:"sortKey" yaml:"sortKey"`
}

A column in a Redshift table.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import redshift_alpha "github.com/aws/aws-cdk-go/awscdkredshiftalpha"

column := &Column{
	DataType: jsii.String("dataType"),
	Name: jsii.String("name"),

	// the properties below are optional
	Comment: jsii.String("comment"),
	DistKey: jsii.Boolean(false),
	Encoding: redshift_alpha.ColumnEncoding_AUTO,
	Id: jsii.String("id"),
	SortKey: jsii.Boolean(false),
}

Experimental.

type ColumnEncoding

type ColumnEncoding string

The compression encoding of a column.

Example:

import "github.com/aws/aws-cdk-go/awscdkredshiftalpha"

awscdkredshiftalpha.NewTable(this, jsii.String("Table"), &TableProps{
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
			Encoding: awscdkredshiftalpha.ColumnEncoding_TEXT32K,
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
			Encoding: awscdkredshiftalpha.ColumnEncoding_DELTA32K,
		},
	},
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})

See: https://docs.aws.amazon.com/redshift/latest/dg/c_Compression_encodings.html

Experimental.

const (
	// Amazon Redshift assigns an optimal encoding based on the column data.
	//
	// This is the default.
	// Experimental.
	ColumnEncoding_AUTO ColumnEncoding = "AUTO"
	// The column is not compressed.
	// See: https://docs.aws.amazon.com/redshift/latest/dg/c_Raw_encoding.html
	//
	// Experimental.
	ColumnEncoding_RAW ColumnEncoding = "RAW"
	// The column is compressed using the AZ64 algorithm.
	// See: https://docs.aws.amazon.com/redshift/latest/dg/az64-encoding.html
	//
	// Experimental.
	ColumnEncoding_AZ64 ColumnEncoding = "AZ64"
	// The column is compressed using a separate dictionary for each block column value on disk.
	// See: https://docs.aws.amazon.com/redshift/latest/dg/c_Byte_dictionary_encoding.html
	//
	// Experimental.
	ColumnEncoding_BYTEDICT ColumnEncoding = "BYTEDICT"
	// The column is compressed based on the difference between values in the column.
	//
	// This records differences as 1-byte values.
	// See: https://docs.aws.amazon.com/redshift/latest/dg/c_Delta_encoding.html
	//
	// Experimental.
	ColumnEncoding_DELTA ColumnEncoding = "DELTA"
	// The column is compressed based on the difference between values in the column.
	//
	// This records differences as 2-byte values.
	// See: https://docs.aws.amazon.com/redshift/latest/dg/c_Delta_encoding.html
	//
	// Experimental.
	ColumnEncoding_DELTA32K ColumnEncoding = "DELTA32K"
	// The column is compressed using the LZO algorithm.
	// See: https://docs.aws.amazon.com/redshift/latest/dg/lzo-encoding.html
	//
	// Experimental.
	ColumnEncoding_LZO ColumnEncoding = "LZO"
	// The column is compressed to a smaller storage size than the original data type.
	//
	// The compressed storage size is 1 byte.
	// See: https://docs.aws.amazon.com/redshift/latest/dg/c_MostlyN_encoding.html
	//
	// Experimental.
	ColumnEncoding_MOSTLY8 ColumnEncoding = "MOSTLY8"
	// The column is compressed to a smaller storage size than the original data type.
	//
	// The compressed storage size is 2 bytes.
	// See: https://docs.aws.amazon.com/redshift/latest/dg/c_MostlyN_encoding.html
	//
	// Experimental.
	ColumnEncoding_MOSTLY16 ColumnEncoding = "MOSTLY16"
	// The column is compressed to a smaller storage size than the original data type.
	//
	// The compressed storage size is 4 bytes.
	// See: https://docs.aws.amazon.com/redshift/latest/dg/c_MostlyN_encoding.html
	//
	// Experimental.
	ColumnEncoding_MOSTLY32 ColumnEncoding = "MOSTLY32"
	// The column is compressed by recording the number of occurrences of each value in the column.
	// See: https://docs.aws.amazon.com/redshift/latest/dg/c_Runlength_encoding.html
	//
	// Experimental.
	ColumnEncoding_RUNLENGTH ColumnEncoding = "RUNLENGTH"
	// The column is compressed by recording the first 245 unique words and then using a 1-byte index to represent each word.
	// See: https://docs.aws.amazon.com/redshift/latest/dg/c_Text255_encoding.html
	//
	// Experimental.
	ColumnEncoding_TEXT255 ColumnEncoding = "TEXT255"
	// The column is compressed by recording the first 32K unique words and then using a 2-byte index to represent each word.
	// See: https://docs.aws.amazon.com/redshift/latest/dg/c_Text255_encoding.html
	//
	// Experimental.
	ColumnEncoding_TEXT32K ColumnEncoding = "TEXT32K"
	// The column is compressed using the ZSTD algorithm.
	// See: https://docs.aws.amazon.com/redshift/latest/dg/zstd-encoding.html
	//
	// Experimental.
	ColumnEncoding_ZSTD ColumnEncoding = "ZSTD"
)

type DatabaseOptions

type DatabaseOptions struct {
	// The cluster containing the database.
	// Experimental.
	Cluster ICluster `field:"required" json:"cluster" yaml:"cluster"`
	// The name of the database.
	// Experimental.
	DatabaseName *string `field:"required" json:"databaseName" yaml:"databaseName"`
	// The secret containing credentials to a Redshift user with administrator privileges.
	//
	// Secret JSON schema: `{ username: string; password: string }`.
	// Default: - the admin secret is taken from the cluster.
	//
	// Experimental.
	AdminUser awssecretsmanager.ISecret `field:"optional" json:"adminUser" yaml:"adminUser"`
}

Properties for accessing a Redshift database.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import redshift_alpha "github.com/aws/aws-cdk-go/awscdkredshiftalpha"
import "github.com/aws/aws-cdk-go/awscdk"

var cluster cluster
var secret secret

databaseOptions := &DatabaseOptions{
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),

	// the properties below are optional
	AdminUser: secret,
}

Experimental.

type DatabaseSecret

type DatabaseSecret interface {
	awssecretsmanager.Secret
	// Provides an identifier for this secret for use in IAM policies.
	//
	// If there is a full ARN, this is just the ARN;
	// if we have a partial ARN -- due to either importing by secret name or partial ARN --
	// then we need to add a suffix to capture the full ARN's format.
	// Experimental.
	ArnForPolicies() *string
	// Experimental.
	AutoCreatePolicy() *bool
	// The customer-managed encryption key that is used to encrypt this secret, if any.
	//
	// When not specified, the default
	// KMS key for the account and region is being used.
	// Experimental.
	EncryptionKey() awskms.IKey
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The string of the characters that are excluded in this secret when it is generated.
	// Experimental.
	ExcludeCharacters() *string
	// The tree node.
	// Experimental.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The ARN of the secret in AWS Secrets Manager.
	//
	// Will return the full ARN if available, otherwise a partial arn.
	// For secrets imported by the deprecated `fromSecretName`, it will return the `secretName`.
	// Experimental.
	SecretArn() *string
	// The full ARN of the secret in AWS Secrets Manager, which is the ARN including the Secrets Manager-supplied 6-character suffix.
	//
	// This is equal to `secretArn` in most cases, but is undefined when a full ARN is not available (e.g., secrets imported by name).
	// Experimental.
	SecretFullArn() *string
	// The name of the secret.
	//
	// For "owned" secrets, this will be the full resource name (secret name + suffix), unless the
	// '@aws-cdk/aws-secretsmanager:parseOwnedSecretName' feature flag is set.
	// Experimental.
	SecretName() *string
	// Retrieve the value of the stored secret as a `SecretValue`.
	// Experimental.
	SecretValue() awscdk.SecretValue
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Adds a replica region for the secret.
	// Experimental.
	AddReplicaRegion(region *string, encryptionKey awskms.IKey)
	// Adds a rotation schedule to the secret.
	// Experimental.
	AddRotationSchedule(id *string, options *awssecretsmanager.RotationScheduleOptions) awssecretsmanager.RotationSchedule
	// Adds a statement to the IAM resource policy associated with this secret.
	//
	// If this secret was created in this stack, a resource policy will be
	// automatically created upon the first call to `addToResourcePolicy`. If
	// the secret is imported, then this is a no-op.
	// Experimental.
	AddToResourcePolicy(statement awsiam.PolicyStatement) *awsiam.AddToResourcePolicyResult
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Attach a target to this secret.
	//
	// Returns: An attached secret.
	// Experimental.
	Attach(target awssecretsmanager.ISecretAttachmentTarget) awssecretsmanager.ISecret
	// Denies the `DeleteSecret` action to all principals within the current account.
	// Experimental.
	DenyAccountRootDelete()
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grants reading the secret value to some role.
	// Experimental.
	GrantRead(grantee awsiam.IGrantable, versionStages *[]*string) awsiam.Grant
	// Grants writing and updating the secret value to some role.
	// Experimental.
	GrantWrite(grantee awsiam.IGrantable) awsiam.Grant
	// Interpret the secret as a JSON object and return a field's value from it as a `SecretValue`.
	// Experimental.
	SecretValueFromJson(jsonField *string) awscdk.SecretValue
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
}

A database secret.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import redshift_alpha "github.com/aws/aws-cdk-go/awscdkredshiftalpha"
import "github.com/aws/aws-cdk-go/awscdk"

var key key

databaseSecret := redshift_alpha.NewDatabaseSecret(this, jsii.String("MyDatabaseSecret"), &DatabaseSecretProps{
	Username: jsii.String("username"),

	// the properties below are optional
	EncryptionKey: key,
})

Experimental.

func NewDatabaseSecret

func NewDatabaseSecret(scope constructs.Construct, id *string, props *DatabaseSecretProps) DatabaseSecret

Experimental.

type DatabaseSecretProps

type DatabaseSecretProps struct {
	// The username.
	// Experimental.
	Username *string `field:"required" json:"username" yaml:"username"`
	// The KMS key to use to encrypt the secret.
	// Default: default master key.
	//
	// Experimental.
	EncryptionKey awskms.IKey `field:"optional" json:"encryptionKey" yaml:"encryptionKey"`
}

Construction properties for a DatabaseSecret.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import redshift_alpha "github.com/aws/aws-cdk-go/awscdkredshiftalpha"
import "github.com/aws/aws-cdk-go/awscdk"

var key key

databaseSecretProps := &DatabaseSecretProps{
	Username: jsii.String("username"),

	// the properties below are optional
	EncryptionKey: key,
}

Experimental.

type Endpoint

type Endpoint interface {
	// The hostname of the endpoint.
	// Experimental.
	Hostname() *string
	// The port of the endpoint.
	// Experimental.
	Port() *float64
	// The combination of "HOSTNAME:PORT" for this endpoint.
	// Experimental.
	SocketAddress() *string
}

Connection endpoint of a redshift cluster.

Consists of a combination of hostname and port.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import redshift_alpha "github.com/aws/aws-cdk-go/awscdkredshiftalpha"

endpoint := redshift_alpha.NewEndpoint(jsii.String("address"), jsii.Number(123))

Experimental.

func NewEndpoint

func NewEndpoint(address *string, port *float64) Endpoint

Experimental.

type ICluster

type ICluster interface {
	awsec2.IConnectable
	awscdk.IResource
	awssecretsmanager.ISecretAttachmentTarget
	// The endpoint to use for read/write operations.
	// Experimental.
	ClusterEndpoint() Endpoint
	// Name of the cluster.
	// Experimental.
	ClusterName() *string
}

Create a Redshift Cluster with a given number of nodes.

Implemented by `Cluster` via `ClusterBase`. Experimental.

func Cluster_FromClusterAttributes

func Cluster_FromClusterAttributes(scope constructs.Construct, id *string, attrs *ClusterAttributes) ICluster

Import an existing DatabaseCluster from properties. Experimental.

type IClusterParameterGroup

type IClusterParameterGroup interface {
	awscdk.IResource
	// The name of this parameter group.
	// Experimental.
	ClusterParameterGroupName() *string
}

A parameter group. Experimental.

func ClusterParameterGroup_FromClusterParameterGroupName

func ClusterParameterGroup_FromClusterParameterGroupName(scope constructs.Construct, id *string, clusterParameterGroupName *string) IClusterParameterGroup

Imports a parameter group. Experimental.

type IClusterSubnetGroup

type IClusterSubnetGroup interface {
	awscdk.IResource
	// The name of the cluster subnet group.
	// Experimental.
	ClusterSubnetGroupName() *string
}

Interface for a cluster subnet group. Experimental.

func ClusterSubnetGroup_FromClusterSubnetGroupName

func ClusterSubnetGroup_FromClusterSubnetGroupName(scope constructs.Construct, id *string, clusterSubnetGroupName *string) IClusterSubnetGroup

Imports an existing subnet group by name. Experimental.

type ITable

type ITable interface {
	constructs.IConstruct
	// Grant a user privilege to access this table.
	// Experimental.
	Grant(user IUser, actions ...TableAction)
	// The cluster where the table is located.
	// Experimental.
	Cluster() ICluster
	// The name of the database where the table is located.
	// Experimental.
	DatabaseName() *string
	// The columns of the table.
	// Experimental.
	TableColumns() *[]*Column
	// Name of the table.
	// Experimental.
	TableName() *string
}

Represents a table in a Redshift database. Experimental.

func Table_FromTableAttributes

func Table_FromTableAttributes(scope constructs.Construct, id *string, attrs *TableAttributes) ITable

Specify a Redshift table using a table name and schema that already exists. Experimental.

type IUser

type IUser interface {
	constructs.IConstruct
	// Grant this user privilege to access a table.
	// Experimental.
	AddTablePrivileges(table ITable, actions ...TableAction)
	// The cluster where the table is located.
	// Experimental.
	Cluster() ICluster
	// The name of the database where the table is located.
	// Experimental.
	DatabaseName() *string
	// The password of the user.
	// Experimental.
	Password() awscdk.SecretValue
	// The name of the user.
	// Experimental.
	Username() *string
}

Represents a user in a Redshift database. Experimental.

func User_FromUserAttributes

func User_FromUserAttributes(scope constructs.Construct, id *string, attrs *UserAttributes) IUser

Specify a Redshift user using credentials that already exist. Experimental.

type LoggingProperties

type LoggingProperties struct {
	// Bucket to send logs to.
	//
	// Logging information includes queries and connection attempts, for the specified Amazon Redshift cluster.
	// Experimental.
	LoggingBucket awss3.IBucket `field:"required" json:"loggingBucket" yaml:"loggingBucket"`
	// Prefix used for logging.
	// Experimental.
	LoggingKeyPrefix *string `field:"required" json:"loggingKeyPrefix" yaml:"loggingKeyPrefix"`
}

Logging bucket and S3 prefix combination.

Example:

import ec2 "github.com/aws/aws-cdk-go/awscdk"
import s3 "github.com/aws/aws-cdk-go/awscdk"

vpc := ec2.NewVpc(this, jsii.String("Vpc"))
bucket := s3.Bucket_FromBucketName(this, jsii.String("bucket"), jsii.String("logging-bucket"))

cluster := awscdkredshiftalpha.NewCluster(this, jsii.String("Redshift"), &ClusterProps{
	MasterUser: &Login{
		MasterUsername: jsii.String("admin"),
	},
	Vpc: Vpc,
	LoggingProperties: &LoggingProperties{
		LoggingBucket: bucket,
		LoggingKeyPrefix: jsii.String("prefix"),
	},
})

Experimental.

type Login

type Login struct {
	// Username.
	// Experimental.
	MasterUsername *string `field:"required" json:"masterUsername" yaml:"masterUsername"`
	// KMS encryption key to encrypt the generated secret.
	// Default: default master key.
	//
	// Experimental.
	EncryptionKey awskms.IKey `field:"optional" json:"encryptionKey" yaml:"encryptionKey"`
	// Password.
	//
	// Do not put passwords in your CDK code directly.
	// Default: a Secrets Manager generated password.
	//
	// Experimental.
	MasterPassword awscdk.SecretValue `field:"optional" json:"masterPassword" yaml:"masterPassword"`
}

Username and password combination.

Example:

import ec2 "github.com/aws/aws-cdk-go/awscdk"
import cdk "github.com/aws/aws-cdk-go/awscdk"
var vpc vpc

awscdkredshiftalpha.NewCluster(this, jsii.String("Redshift"), &ClusterProps{
	MasterUser: &Login{
		MasterUsername: jsii.String("admin"),
		MasterPassword: cdk.SecretValue_UnsafePlainText(jsii.String("tooshort")),
	},
	Vpc: Vpc,
	PubliclyAccessible: jsii.Boolean(true),
	ElasticIp: jsii.String("10.123.123.255"),
})

Experimental.

type NodeType

type NodeType string

Possible Node Types to use in the cluster used for defining `ClusterProps.nodeType`. Experimental.

const (
	// ds2.xlarge.
	// Experimental.
	NodeType_DS2_XLARGE NodeType = "DS2_XLARGE"
	// ds2.8xlarge.
	// Experimental.
	NodeType_DS2_8XLARGE NodeType = "DS2_8XLARGE"
	// dc1.large.
	// Experimental.
	NodeType_DC1_LARGE NodeType = "DC1_LARGE"
	// dc1.8xlarge.
	// Experimental.
	NodeType_DC1_8XLARGE NodeType = "DC1_8XLARGE"
	// dc2.large.
	// Experimental.
	NodeType_DC2_LARGE NodeType = "DC2_LARGE"
	// dc2.8xlarge.
	// Experimental.
	NodeType_DC2_8XLARGE NodeType = "DC2_8XLARGE"
	// ra3.xlplus.
	// Experimental.
	NodeType_RA3_XLPLUS NodeType = "RA3_XLPLUS"
	// ra3.4xlarge.
	// Experimental.
	NodeType_RA3_4XLARGE NodeType = "RA3_4XLARGE"
	// ra3.16xlarge.
	// Experimental.
	NodeType_RA3_16XLARGE NodeType = "RA3_16XLARGE"
)

type RotationMultiUserOptions

type RotationMultiUserOptions struct {
	// The secret to rotate.
	//
	// It must be a JSON string with the following format:
	// “`
	// {
	//   "engine": <required: database engine>,
	//   "host": <required: instance host name>,
	//   "username": <required: username>,
	//   "password": <required: password>,
	//   "dbname": <optional: database name>,
	//   "port": <optional: if not specified, default port will be used>,
	//   "masterarn": <required: the arn of the master secret which will be used to create users/change passwords>
	// }
	// “`.
	// Experimental.
	Secret awssecretsmanager.ISecret `field:"required" json:"secret" yaml:"secret"`
	// Specifies the number of days after the previous rotation before Secrets Manager triggers the next automatic rotation.
	// Default: Duration.days(30)
	//
	// Experimental.
	AutomaticallyAfter awscdk.Duration `field:"optional" json:"automaticallyAfter" yaml:"automaticallyAfter"`
}

Options to add the multi user rotation.

Example:

user := awscdkredshiftalpha.NewUser(this, jsii.String("User"), &UserProps{
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})
cluster.AddRotationMultiUser(jsii.String("MultiUserRotation"), &RotationMultiUserOptions{
	Secret: user.Secret,
})

Experimental.

type Table

type Table interface {
	constructs.Construct
	ITable
	// The cluster where the table is located.
	// Experimental.
	Cluster() ICluster
	// The name of the database where the table is located.
	// Experimental.
	DatabaseName() *string
	// The tree node.
	// Experimental.
	Node() constructs.Node
	// The columns of the table.
	// Experimental.
	TableColumns() *[]*Column
	// Name of the table.
	// Experimental.
	TableName() *string
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be destroyed (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	//
	// This resource is retained by default.
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Grant a user privilege to access this table.
	// Experimental.
	Grant(user IUser, actions ...TableAction)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
}

A table in a Redshift cluster.

Example:

awscdkredshiftalpha.NewTable(this, jsii.String("Table"), &TableProps{
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
			DistKey: jsii.Boolean(true),
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
		},
	},
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
	DistStyle: awscdkredshiftalpha.TableDistStyle_KEY,
})

Experimental.

func NewTable

func NewTable(scope constructs.Construct, id *string, props *TableProps) Table

Experimental.

type TableAction

type TableAction string

An action that a Redshift user can be granted privilege to perform on a table.

Example:

databaseName := "databaseName"
username := "myuser"
tableName := "mytable"

user := awscdkredshiftalpha.NewUser(this, jsii.String("User"), &UserProps{
	Username: username,
	Cluster: cluster,
	DatabaseName: databaseName,
})
table := awscdkredshiftalpha.NewTable(this, jsii.String("Table"), &TableProps{
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
		},
	},
	Cluster: cluster,
	DatabaseName: databaseName,
})
table.grant(user, awscdkredshiftalpha.TableAction_INSERT)

Experimental.

const (
	// Grants privilege to select data from a table or view using a SELECT statement.
	// Experimental.
	TableAction_SELECT TableAction = "SELECT"
	// Grants privilege to load data into a table using an INSERT statement or a COPY statement.
	// Experimental.
	TableAction_INSERT TableAction = "INSERT"
	// Grants privilege to update a table column using an UPDATE statement.
	// Experimental.
	TableAction_UPDATE TableAction = "UPDATE"
	// Grants privilege to delete a data row from a table.
	// Experimental.
	TableAction_DELETE TableAction = "DELETE"
	// Grants privilege to drop a table.
	// Experimental.
	TableAction_DROP TableAction = "DROP"
	// Grants privilege to create a foreign key constraint.
	//
	// You need to grant this privilege on both the referenced table and the referencing table; otherwise, the user can't create the constraint.
	// Experimental.
	TableAction_REFERENCES TableAction = "REFERENCES"
	// Grants all available privileges at once to the specified user or user group.
	// Experimental.
	TableAction_ALL TableAction = "ALL"
)

type TableAttributes

type TableAttributes struct {
	// The cluster where the table is located.
	// Experimental.
	Cluster ICluster `field:"required" json:"cluster" yaml:"cluster"`
	// The name of the database where the table is located.
	// Experimental.
	DatabaseName *string `field:"required" json:"databaseName" yaml:"databaseName"`
	// The columns of the table.
	// Experimental.
	TableColumns *[]*Column `field:"required" json:"tableColumns" yaml:"tableColumns"`
	// Name of the table.
	// Experimental.
	TableName *string `field:"required" json:"tableName" yaml:"tableName"`
}

A full specification of a Redshift table that can be used to import it fluently into the CDK application.

Example:

databaseName := "databaseName"
username := "myuser"
tableName := "mytable"

user := awscdkredshiftalpha.User_FromUserAttributes(this, jsii.String("User"), &UserAttributes{
	Username: username,
	Password: awscdk.SecretValue_UnsafePlainText(jsii.String("NOT_FOR_PRODUCTION")),
	Cluster: cluster,
	DatabaseName: databaseName,
})
table := awscdkredshiftalpha.Table_FromTableAttributes(this, jsii.String("Table"), &TableAttributes{
	TableName: tableName,
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
		},
	},
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})
table.Grant(user, awscdkredshiftalpha.TableAction_INSERT)

Experimental.

type TableDistStyle

type TableDistStyle string

The data distribution style of a table.

Example:

awscdkredshiftalpha.NewTable(this, jsii.String("Table"), &TableProps{
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
			DistKey: jsii.Boolean(true),
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
		},
	},
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
	DistStyle: awscdkredshiftalpha.TableDistStyle_KEY,
})

Experimental.

const (
	// Amazon Redshift assigns an optimal distribution style based on the table data.
	// Experimental.
	TableDistStyle_AUTO TableDistStyle = "AUTO"
	// The data in the table is spread evenly across the nodes in a cluster in a round-robin distribution.
	// Experimental.
	TableDistStyle_EVEN TableDistStyle = "EVEN"
	// The data is distributed by the values in the DISTKEY column.
	// Experimental.
	TableDistStyle_KEY TableDistStyle = "KEY"
	// A copy of the entire table is distributed to every node.
	// Experimental.
	TableDistStyle_ALL TableDistStyle = "ALL"
)

type TableProps

type TableProps struct {
	// The cluster containing the database.
	// Experimental.
	Cluster ICluster `field:"required" json:"cluster" yaml:"cluster"`
	// The name of the database.
	// Experimental.
	DatabaseName *string `field:"required" json:"databaseName" yaml:"databaseName"`
	// The secret containing credentials to a Redshift user with administrator privileges.
	//
	// Secret JSON schema: `{ username: string; password: string }`.
	// Default: - the admin secret is taken from the cluster.
	//
	// Experimental.
	AdminUser awssecretsmanager.ISecret `field:"optional" json:"adminUser" yaml:"adminUser"`
	// The columns of the table.
	// Experimental.
	TableColumns *[]*Column `field:"required" json:"tableColumns" yaml:"tableColumns"`
	// The distribution style of the table.
	// Default: TableDistStyle.AUTO
	//
	// Experimental.
	DistStyle TableDistStyle `field:"optional" json:"distStyle" yaml:"distStyle"`
	// The policy to apply when this resource is removed from the application.
	// Default: cdk.RemovalPolicy.Retain
	//
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// The sort style of the table.
	// Default: TableSortStyle.AUTO if no sort key is specified, TableSortStyle.COMPOUND if a sort key is specified
	//
	// Experimental.
	SortStyle TableSortStyle `field:"optional" json:"sortStyle" yaml:"sortStyle"`
	// A comment to attach to the table.
	// Default: - no comment.
	//
	// Experimental.
	TableComment *string `field:"optional" json:"tableComment" yaml:"tableComment"`
	// The name of the table.
	// Default: - a name is generated.
	//
	// Experimental.
	TableName *string `field:"optional" json:"tableName" yaml:"tableName"`
}

Properties for configuring a Redshift table.

Example:

awscdkredshiftalpha.NewTable(this, jsii.String("Table"), &TableProps{
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
			DistKey: jsii.Boolean(true),
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
		},
	},
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
	DistStyle: awscdkredshiftalpha.TableDistStyle_KEY,
})

Experimental.

type TableSortStyle

type TableSortStyle string

The sort style of a table.

Example:

awscdkredshiftalpha.NewTable(this, jsii.String("Table"), &TableProps{
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
			SortKey: jsii.Boolean(true),
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
			SortKey: jsii.Boolean(true),
		},
	},
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
	SortStyle: awscdkredshiftalpha.TableSortStyle_COMPOUND,
})

Experimental.

const (
	// Amazon Redshift assigns an optimal sort key based on the table data.
	// Experimental.
	TableSortStyle_AUTO TableSortStyle = "AUTO"
	// Specifies that the data is sorted using a compound key made up of all of the listed columns, in the order they are listed.
	// Experimental.
	TableSortStyle_COMPOUND TableSortStyle = "COMPOUND"
	// Specifies that the data is sorted using an interleaved sort key.
	// Experimental.
	TableSortStyle_INTERLEAVED TableSortStyle = "INTERLEAVED"
)

type User

type User interface {
	constructs.Construct
	IUser
	// The cluster where the table is located.
	// Experimental.
	Cluster() ICluster
	// The name of the database where the table is located.
	// Experimental.
	DatabaseName() *string
	// Experimental.
	DatabaseProps() *DatabaseOptions
	// Experimental.
	SetDatabaseProps(val *DatabaseOptions)
	// The tree node.
	// Experimental.
	Node() constructs.Node
	// The password of the user.
	// Experimental.
	Password() awscdk.SecretValue
	// The Secrets Manager secret of the user.
	// Experimental.
	Secret() awssecretsmanager.ISecret
	// The name of the user.
	// Experimental.
	Username() *string
	// Grant this user privilege to access a table.
	// Experimental.
	AddTablePrivileges(table ITable, actions ...TableAction)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be destroyed (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	//
	// This resource is destroyed by default.
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
}

A user in a Redshift cluster.

Example:

user := awscdkredshiftalpha.NewUser(this, jsii.String("User"), &UserProps{
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})
cluster.AddRotationMultiUser(jsii.String("MultiUserRotation"), &RotationMultiUserOptions{
	Secret: user.Secret,
})

Experimental.

func NewUser

func NewUser(scope constructs.Construct, id *string, props *UserProps) User

Experimental.

type UserAttributes

type UserAttributes struct {
	// The cluster containing the database.
	// Experimental.
	Cluster ICluster `field:"required" json:"cluster" yaml:"cluster"`
	// The name of the database.
	// Experimental.
	DatabaseName *string `field:"required" json:"databaseName" yaml:"databaseName"`
	// The secret containing credentials to a Redshift user with administrator privileges.
	//
	// Secret JSON schema: `{ username: string; password: string }`.
	// Default: - the admin secret is taken from the cluster.
	//
	// Experimental.
	AdminUser awssecretsmanager.ISecret `field:"optional" json:"adminUser" yaml:"adminUser"`
	// The password of the user.
	//
	// Do not put passwords in CDK code directly.
	// Experimental.
	Password awscdk.SecretValue `field:"required" json:"password" yaml:"password"`
	// The name of the user.
	// Experimental.
	Username *string `field:"required" json:"username" yaml:"username"`
}

A full specification of a Redshift user that can be used to import it fluently into the CDK application.

Example:

databaseName := "databaseName"
username := "myuser"
tableName := "mytable"

user := awscdkredshiftalpha.User_FromUserAttributes(this, jsii.String("User"), &UserAttributes{
	Username: username,
	Password: awscdk.SecretValue_UnsafePlainText(jsii.String("NOT_FOR_PRODUCTION")),
	Cluster: cluster,
	DatabaseName: databaseName,
})
table := awscdkredshiftalpha.Table_FromTableAttributes(this, jsii.String("Table"), &TableAttributes{
	TableName: tableName,
	TableColumns: []column{
		&column{
			Name: jsii.String("col1"),
			DataType: jsii.String("varchar(4)"),
		},
		&column{
			Name: jsii.String("col2"),
			DataType: jsii.String("float"),
		},
	},
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})
table.Grant(user, awscdkredshiftalpha.TableAction_INSERT)

Experimental.

type UserProps

type UserProps struct {
	// The cluster containing the database.
	// Experimental.
	Cluster ICluster `field:"required" json:"cluster" yaml:"cluster"`
	// The name of the database.
	// Experimental.
	DatabaseName *string `field:"required" json:"databaseName" yaml:"databaseName"`
	// The secret containing credentials to a Redshift user with administrator privileges.
	//
	// Secret JSON schema: `{ username: string; password: string }`.
	// Default: - the admin secret is taken from the cluster.
	//
	// Experimental.
	AdminUser awssecretsmanager.ISecret `field:"optional" json:"adminUser" yaml:"adminUser"`
	// KMS key to encrypt the generated secret.
	// Default: - the default AWS managed key is used.
	//
	// Experimental.
	EncryptionKey awskms.IKey `field:"optional" json:"encryptionKey" yaml:"encryptionKey"`
	// The policy to apply when this resource is removed from the application.
	// Default: cdk.RemovalPolicy.Destroy
	//
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// The name of the user.
	//
	// For valid values, see: https://docs.aws.amazon.com/redshift/latest/dg/r_names.html
	// Default: - a name is generated.
	//
	// Experimental.
	Username *string `field:"optional" json:"username" yaml:"username"`
}

Properties for configuring a Redshift user.

Example:

user := awscdkredshiftalpha.NewUser(this, jsii.String("User"), &UserProps{
	Cluster: cluster,
	DatabaseName: jsii.String("databaseName"),
})
cluster.AddRotationMultiUser(jsii.String("MultiUserRotation"), &RotationMultiUserOptions{
	Secret: user.Secret,
})

Experimental.

Directories

Path Synopsis
Package jsii contains the functionaility needed for jsii packages to initialize their dependencies and themselves.
Package jsii contains the functionaility needed for jsii packages to initialize their dependencies and themselves.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL