Medium

Ensure Redshift clusters Deferred Maintenance feature is enabled

Availability
CCPA
GDPR
HITRUST
ISO 27001
NIST4
NIST 800-53
Description

To ensure uninterrupted operation of your data warehouse during critical business periods, it is recommended that you enable the Deferred Maintenance feature for all of your Amazon Redshift clusters. With this feature, you can defer maintenance for your clusters for up to 14 days, allowing you to schedule maintenance during less busy periods. If your organization runs mission-critical workloads on Redshift, it is important to ensure that scheduled maintenance does not impact your business activities. By deferring maintenance, you can avoid interruptions and ensure that your cluster is available when you need it. Note that if a mandatory hardware replacement is scheduled for your Redshift cluster, the deferred maintenance period will be overridden. In this case, you will receive an event notification via the AWS Management Console and the SNS subscription.

Remediation

To ensure that the Deferred Maintenance feature is enabled for your Amazon Redshift clusters, you can follow these steps:

  1. Log in to your AWS Management Console and navigate to the Amazon Redshift console.
  2. Identify the Redshift cluster(s) that you want to enable Deferred Maintenance for.
  3. Select the cluster and click on the "Properties" tab.
  4. Look for the "Deferred maintenance window" setting and ensure that it is set to a value greater than zero. This value represents the maximum number of days that Redshift can defer maintenance operations.
  5. If the Deferred Maintenance feature is not enabled, click on the "Modify" button and select the checkbox for "Defer maintenance window."
  6. Set the maximum number of days to defer maintenance to a value that is appropriate for your use case.
  7. Click "Modify Cluster" to save the changes.

By enabling Deferred Maintenance for your Amazon Redshift clusters, you can reduce the impact of maintenance operations on your cluster's availability and performance. This feature allows Redshift to defer non-critical maintenance operations to a scheduled maintenance window, reducing the risk of unplanned downtime and ensuring that critical workloads are not impacted.

Enforced Resources
Redshift
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.

Step into the Future of SecOps

Take a test drive >
Schedule a live demo >