AWS Redshift Clusters Should Not Be Publicly Accessible

This policy identifies AWS Redshift clusters which are accessible publicly.

Policy Details

Policy Subtype
Run, Build
Severity
Medium
Template Type
CloudFormation

Build Rules

AWS Redshift clusters should not be publicly accessible.
JSON Query:
$.Resources.*[?(@.Type=='AWS::Redshift::Cluster')].Properties.PubliclyAccessible any true
Recommendation:
Recommended solution making sure that Redshift clusters are not accessible to pubic.
It is recommended that Redshift Clusters are accessible to public. Please make sure that "PubliclyAccessible" attribute is set to "false".
For example:
"myCluster1":{ "Type":"AWS::Redshift::Cluster", "Properties":{ "DBName":"mydb", "MasterUsername":"master", "NodeType":"ds2.xlarge", "ClusterType":"single-node", "Encrypted":true, "PubliclyAccessible": false } }

Run Rule Recommendation

  1. Sign in to the AWS console.
  2. In the console, select the specific region from region drop down on the top right corner, for which the alert is generated.
  3. Navigate to the 'Redshift' service.
  4. Click on the identified Redshift cluster name.
  5. In the top menu options, click on 'Cluster' and select 'Modify' as the option.
  6. Change the value of the option 'Publicly Accessible' from Yes to No.

Compliance

There are 11 standards that are applicable to this policy:
  • MITRE ATT&CK [Beta]
  • PIPEDA
  • NIST 800-171 Rev1
  • NIST CSF
  • NIST 800-53 Rev4
  • ISO 27001:2013
  • HITRUST CSF v9.3
  • GDPR
  • CSA CCM v3.0.1
  • SOC 2
  • CCPA 2018

Recommended For You