Redshift cluster ‘Publicly Accessible’ should not be enabled
Description
Publicly accessible Redshift clusters allow any AWS user or anonymous user access to the data in the database. Redshift clusters should not be publicly accessible.
Remediation Steps
AWS Console
Navigate to Redshift.
In the left navigation, select Clusters.
Select the desired Redshift Cluster to modify.
Select Properties in the top navigation and scroll down to the Network and security section.
In Publicly accessible, select Edit.
Select No and click Confirm.
AWS CLI
Change Publicly Accessible from Yes to No for your Redshift Cluster.
aws redshift modify-cluster \
    --cluster-identifier <value> \
    --no-publicly-accessible
Terraform
Ensure that the aws_redshift_cluster publicly_accessible field is set to false.
Example Configuration
resource "aws_redshift_cluster" "valid" {
  publicly_accessible = false
  # other required fields here
}
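One way to enforce the Terraform setting above before apply, as an added example that is not part of the original page: a check over the JSON produced by `terraform show -json` on a saved plan. The function name and the sample plan are assumptions constructed for illustration; anything not explicitly `false` is reported, including values unknown until apply.

```python
import json

# Constructed sample: trimmed `terraform show -json plan.out` output.
SAMPLE_PLAN = json.loads("""
{
  "resource_changes": [
    {"address": "aws_redshift_cluster.valid", "type": "aws_redshift_cluster",
     "change": {"actions": ["create"], "after": {"publicly_accessible": false}}},
    {"address": "aws_redshift_cluster.exposed", "type": "aws_redshift_cluster",
     "change": {"actions": ["update"], "after": {"publicly_accessible": true}}},
    {"address": "aws_redshift_cluster.computed", "type": "aws_redshift_cluster",
     "change": {"actions": ["create"], "after": {},
                "after_unknown": {"publicly_accessible": true}}},
    {"address": "aws_redshift_cluster.retired", "type": "aws_redshift_cluster",
     "change": {"actions": ["delete"], "after": null}},
    {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket",
     "change": {"actions": ["create"], "after": {"bucket": "example-logs"}}}
  ]
}
""")


def find_public_redshift(plan):
    """Return (address, reason) for each planned cluster not provably private."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "aws_redshift_cluster":
            continue
        after = rc.get("change", {}).get("after")
        if after is None:  # resource is being destroyed; nothing left to expose
            continue
        value = after.get("publicly_accessible")
        if value is False:
            continue
        if value is True:
            reason = "publicly_accessible = true"
        else:  # absent or unknown until apply: fail closed
            reason = "publicly_accessible not known to be false"
        findings.append((rc["address"], reason))
    return findings


if __name__ == "__main__":
    for address, reason in find_public_redshift(SAMPLE_PLAN):
        print(f"FAIL {address}: {reason}")
```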