feat(redshift): add initial L2 Redshift construct (#5730)

Initial commit to support Redshift as an L2 construct. This introduces the `RedshiftCluster` construct. It is by and large copy-pasted from `@aws-cdk/aws-rds` and adheres to the same functionality. **Purposeful Design Desicions** - no non-VPC clusters (a cluster will only be launched in a VPC; no L2 construct for `AWS::Redshift::ClusterSecurityGroup` or `AWS::Redshift::ClusterSecurityGroupIngress`) - cluster can only be launched in private Subnets - nodes will be encrypted - cluster will not be public and won't have an elastic IP - HSM cannot be configured **Checklist** - [x] Implementation on L2 construct for Redshift - [x] initial Unit tests - [x] additional Unit tests to satisfy coverage requirements - [x] Documentation in README.md This PR closes #5711 *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws · May 27, 2020 · 703f0fa · 703f0fa
1 parent 10dd0d7
commit 703f0fa
Show file tree

Hide file tree

Showing 10 changed files with 1,117 additions and 6 deletions.
diff --git a/packages/@aws-cdk/aws-redshift/README.md b/packages/@aws-cdk/aws-redshift/README.md
@@ -9,4 +9,52 @@
 ---
 <!--END STABILITY BANNER-->
 
+### Starting a Redshift Cluster Database
+
+To set up a Redshift cluster, define a `Cluster`. It will be launched in a VPC.
+You can specify a VPC, otherwise one will be created. The nodes are always launched in private subnets and are encrypted by default.
+
+``` typescript
+import redshift = require('@aws-cdk/aws-redshift');
+...
+const cluster = new redshift.Cluster(this, 'Redshift', {
+    masterUser: {
+      masterUsername: 'admin',
+    },
+    vpc
+  });
+```
+By default, the master password will be generated and stored in AWS Secrets Manager.
+
+A default database named `default_db` will be created in the cluster. To change the name of this database set the `defaultDatabaseName` attribute in the constructor properties.
+
+### Connecting
+
+To control who can access the cluster, use the `.connections` attribute. Redshift Clusters have
+a default port, so you don't need to specify the port:
+
+```ts
+cluster.connections.allowFromAnyIpv4('Open to the world');
+```
+
+The endpoint to access your database cluster will be available as the `.clusterEndpoint` attribute:
+
+```ts
+cluster.clusterEndpoint.socketAddress;   // "HOSTNAME:PORT"
+```
+
+### Rotating credentials
+
+When the master password is generated and stored in AWS Secrets Manager, it can be rotated automatically:
+```ts
+cluster.addRotationSingleUser(); // Will rotate automatically after 30 days
+```
+
+The multi user rotation scheme is also available:
+```ts
+cluster.addRotationMultiUser('MyUser', {
+  secret: myImportedSecret
+});
+```
+
 This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project.