Risk Level: Critical
Cloud Entity: Amazon Redshift
CloudGuard Rule ID: D9.AWS.NET.51
Covered by Spectral: Yes
Category: Database

GSL LOGIC

Redshift should not have isPublic=true

REMEDIATION

From Portal

Sign in to the AWS console.
In the console, select the specific region.
Navigate to the 'Redshift' service.
Click the identified Redshift cluster name.
In the top menu options, click 'Cluster' and choose 'Actions' as the option.
Click on 'Modify Publicly accessible setting' option.
Choose 'enable' option and click 'save changes'.

From TF

resource "aws_redshift_cluster" "test" {
	cluster_identifier = "tf-redshift-cluster"
	database_name      = "mydb"
	master_username    = "foo"
	master_password    = "Mustbe8characters"
	node_type          = "dc1.large"
	cluster_type       = "single-node"
	+ publicly_accessible = false
}

From Command Line
To Disbale 'Publicly-accessible' Run:

aws redshift modify-cluster --region us-east-1 --cluster-identifier redshift-cluster-1 --no-publicly-accessible

References

https://aws.amazon.com/premiumsupport/knowledge-center/redshift-cluster-private-public/

Amazon Redshift

Amazon Redshift is a fast, fully managed data warehouse that makes it simple and cost-effective to analyze all your data using standard SQL and your existing Business Intelligence (BI) tools. It allows you to run complex analytic queries against petabytes of structured data, using sophisticated query optimization, columnar storage on high-performance local disks, and massively parallel query execution. Most results come back in seconds. With Amazon Redshift, you can start small for just $0.25 per hour with no commitments and scale out to petabytes of data for $1,000 per terabyte per year, less than a tenth the cost of traditional solutions.

Compliance Frameworks

AWS CCPA Framework
AWS CSA CCM v.4.0.1
AWS CloudGuard Best Practices
AWS CloudGuard SOC2 based on AICPA TSC 2017
AWS CloudGuard Well Architected Framework
AWS HITRUST
AWS HITRUST v11.0.0
AWS ISO27001:2022
AWS ITSG-33
AWS MAS TRM Framework
AWS MITRE ATT&CK Framework v10
AWS MITRE ATT&CK Framework v11.3
AWS NIST 800-53 Rev 5
AWS Security Risk Management
CloudGuard AWS All Rules Ruleset
CloudGuard AWS Default Ruleset