Ensure your Redshift clusters are enforcing SSL connections

Ensure that your Redshift clusters are only allowing SSL traffic to the cluster to ensure no data leakage via a man in the middle type attack. Having this enabled is considered a security best practice and should always be done. Ensuring this is enabled will help with NIST, PCI-DSS and GDPR compliance.

Audit & Remediation

 

 

  • Select the Cluster hyperlink for the database cluster you would like to check.
  • Under Properties scroll down to Database configurations and look under Parameter group to see if this is set to default.redshift-1.0.
  • If Parameter group is currently set to default.redshift-1.0 then select the default.redshift-1.0 hyperlink.
  • In the Parameter groups section press the Create button and create a new Parameter group.
  • Select the new Parameter group you just created and select the Edit parameters button.

 

 

  • At require_ssl set this value to true and save.

 

 

  • Navigate back to the Clusters page and select the Cluster hyperlink that we need to modify.
  • Navigate to the Properties tab and then under Database configurations select the Edit button.

 

 

  • Under Database configurations change the Parameter group to the parameter group you created in the previous steps.

 

 

  • Select the Modify cluster to save your changes.
  • Repeat the outlined steps for each redshift cluster you have.
See all of your AWS Redshift Clusters in a single place!

Do you want to see all Redshift Clusters in once place for all regions and all accounts?
Login to our online demo to see exactly what this looks like.
demo.intelligentdiscovery.io

 

Other Key Features

Inventory

Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.

learn more +