Ensure VPC is enabled for AWS Redshift Cluster

MEDIUM

Description

No custom VPC is defined, so the default VPC will be used. This may lead to unauthorized network-related activities.

Remediation

New Redshift clusters are created with a default VPC configured. To configure a new VPC, or move the Redshift cluster to another existing VPC, see the AWS documentation.

In Terraform:

  1. In the aws_redshift_cluster resource, add the necessary VPC IDs to the vpc_security_group_ids list.
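
A Terraform configuration illustrating the remediation above (an added example, not part of the original policy text or the provider documentation). The resource names, CIDR ranges, node type and the password variable are assumptions. The vpc_security_group_ids argument takes the IDs of security groups that live in the custom VPC, and cluster_subnet_group_name is the argument that places the cluster in that VPC's subnets.

```hcl
# Added example: every name, CIDR range and size below is an assumption.
variable "redshift_master_password" {
  type      = string
  sensitive = true
}

resource "aws_vpc" "analytics" {
  cidr_block = "10.20.0.0/16"
}

resource "aws_subnet" "redshift_a" {
  vpc_id     = aws_vpc.analytics.id
  cidr_block = "10.20.1.0/24"
}

# Security group created inside the custom VPC; only in-VPC clients reach 5439.
resource "aws_security_group" "redshift" {
  name   = "redshift-analytics"
  vpc_id = aws_vpc.analytics.id

  ingress {
    description = "Redshift from inside the VPC only"
    from_port   = 5439
    to_port     = 5439
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.analytics.cidr_block]
  }
}

# Subnet group that ties the cluster to subnets of the custom VPC.
resource "aws_redshift_subnet_group" "analytics" {
  name       = "redshift-analytics"
  subnet_ids = [aws_subnet.redshift_a.id]
}

resource "aws_redshift_cluster" "analytics" {
  cluster_identifier = "analytics"
  database_name      = "analytics"
  master_username    = "analytics_admin"
  master_password    = var.redshift_master_password
  node_type          = "ra3.xlplus"
  cluster_type       = "single-node"

  # Without cluster_subnet_group_name the cluster lands in the default VPC;
  # vpc_security_group_ids attaches security groups from the custom VPC.
  cluster_subnet_group_name = aws_redshift_subnet_group.analytics.name
  vpc_security_group_ids    = [aws_security_group.redshift.id]
  publicly_accessible       = false
}
```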

References:
https://docs.aws.amazon.com/redshift/latest/mgmt/managing-cluster-cross-vpc.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#vpc_security_group_ids

Policy Details

Rule Reference ID: AC_AWS_0097
CSP: AWS
Remediation Available: No
Resource Category: Database
Resource Type: Redshift

Frameworks