Critical

Ensure Redshift is not accessible via Internet

Security & Compliance
Description

Ensuring that Amazon Redshift is not accessible via the internet is an important security measure that helps to protect your data from unauthorized access. Allowing inbound access from any IP address creates a large security vulnerability as it allows anyone on the internet to potentially access your Redshift cluster.

Remediation

To ensure that Amazon Redshift clusters are not accessible via the internet, you can follow these remediation steps:

  1. Log in to your AWS Management Console and navigate to the Amazon Redshift console.
  2. Identify the Redshift cluster(s) that need to be secured from internet access.
  3. Check the "Publicly Accessible" attribute of the Redshift cluster. If it is set to "Yes," the cluster can be accessed from the internet. If it is set to "No," the cluster is not accessible from the internet.
  4. If the "Publicly Accessible" attribute is set to "Yes," select the cluster and click on the "Modify" button.
  5. Under the "Network and Security" section, set the "Publicly Accessible" attribute to "No."
  6. Optionally, you can also configure the cluster to only allow connections from specific IP addresses or security groups.
  7. Click "Modify Cluster" to save the changes.
  8. Redshift will initiate a cluster resize operation to apply the changes. This will result in a temporary downtime for the cluster.
  9. Once the cluster resize operation is complete, verify that the cluster is no longer accessible from the internet.

By following these steps, you can ensure that your Amazon Redshift clusters are not accessible from the internet, which will help to reduce the risk of unauthorized access and protect your data.

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.

Step into the Future of SecOps