From 460bb1e1660eff36edddedb35838afd604490228 Mon Sep 17 00:00:00 2001
From: Wojciech Inglot
Date: Wed, 26 Jan 2022 10:20:56 +0100
Subject: [PATCH] Remove CASCADE from ALTER DEFAULT when dropping users and groups AWS Redshift recently released a Role-based Access Control(RBAC) feature, which simplifies the managing of security privileges with Amazon Redshift. RBAC doesn't support CASCADE parameter when modifying privileges by using REVOKE and ALTER DEFAULT PRIVILEGES.
---
 redshift/resource_redshift_group.go | 2 +-
 redshift/resource_redshift_user.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/redshift/resource_redshift_group.go b/redshift/resource_redshift_group.go
index 0b77ae7..fc9caca 100644
--- a/redshift/resource_redshift_group.go
+++ b/redshift/resource_redshift_group.go
@@ -158,7 +158,7 @@ func resourceRedshiftGroupDelete(db *DBConnection, d *schema.ResourceData) error
 if _, err := tx.Exec(fmt.Sprintf("REVOKE ALL ON ALL TABLES IN SCHEMA %s FROM GROUP %s", pq.QuoteIdentifier(schemaName), pq.QuoteIdentifier(groupName))); err != nil {
 return err
 }
- if _, err := tx.Exec(fmt.Sprintf("ALTER DEFAULT PRIVILEGES IN SCHEMA %s REVOKE ALL ON TABLES FROM GROUP %s CASCADE", pq.QuoteIdentifier(schemaName), pq.QuoteIdentifier(groupName))); err != nil {
+ if _, err := tx.Exec(fmt.Sprintf("ALTER DEFAULT PRIVILEGES IN SCHEMA %s REVOKE ALL ON TABLES FROM GROUP %s", pq.QuoteIdentifier(schemaName), pq.QuoteIdentifier(groupName))); err != nil {
 return err
 }
 }
diff --git a/redshift/resource_redshift_user.go b/redshift/resource_redshift_user.go
index 37e133f..2a05eac 100644
--- a/redshift/resource_redshift_user.go
+++ b/redshift/resource_redshift_user.go
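Review bot: In resourceRedshiftGroupDelete (redshift/resource_redshift_group.go), the `ALTER DEFAULT PRIVILEGES IN SCHEMA %s REVOKE ALL ON TABLES FROM GROUP %s` statement has no `FOR USER` clause, so as far as Redshift's documented default goes it only touches default privileges owned by the connection's own user. Default privileges that other owners defined for this group would then survive the revoke and leave the deprovisioning incomplete; the same applies to the matching statement in resourceRedshiftUserDelete. The loop around this hunk starts and ends outside the visible lines, so if it does not already iterate over owners, consider a per-owner `ALTER DEFAULT PRIVILEGES FOR USER <owner> IN SCHEMA ...` (placeholder owner), or at least a comment such as `// Only revokes defaults owned by the provider's login; other owners' defaults need a separate revoke.`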
@@ -400,7 +400,7 @@ func resourceRedshiftUserDelete(db *DBConnection, d *schema.ResourceData) error
 return err
 }
- if _, err := tx.Exec(fmt.Sprintf("ALTER DEFAULT PRIVILEGES IN SCHEMA %s REVOKE ALL ON TABLES FROM %s CASCADE", pq.QuoteIdentifier(schemaName), pq.QuoteIdentifier(userName))); err != nil {
+ if _, err := tx.Exec(fmt.Sprintf("ALTER DEFAULT PRIVILEGES IN SCHEMA %s REVOKE ALL ON TABLES FROM %s", pq.QuoteIdentifier(schemaName), pq.QuoteIdentifier(userName))); err != nil {
 return err
 }
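Review bot: The edited `tx.Exec` call in resourceRedshiftUserDelete now relies on Redshift's default revoke behaviour, and nothing in the code records why `CASCADE` is absent, so a maintainer used to PostgreSQL semantics could re-add it. A one-line comment above the statement would capture the constraint from the commit message, e.g. `// No CASCADE: not supported on ALTER DEFAULT PRIVILEGES since the Redshift RBAC release.` The REVOKE statement that precedes this one lies outside the hunk, so it is worth confirming it does not still carry `CASCADE`, since the commit message names REVOKE as affected too. If users here can hold privileges with a grant option, it would also be worth checking that grants they passed on are still cleaned up before the drop.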