Detections
Analytics

Ensure allow version upgrade is enabled for AWS Redshift Clusters

LOW

Description

Version Upgrade is disabled for Redshift clusters to automatically receive upgrades during the maintenance window.

Remediation

In AWS Console -

  1. Go to the Redshift Dashboard.
  2. In the navigation panel, Select clusters and select the cluster.
  3. In the Backup, Audit Logging and Maintenance section, check the Allow Version Upgrade status.

In Terraform -

  1. In the aws_redshift_cluster resource, set 'allow_version_upgrade' attribute to 'true'.

References:
https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster#allow_version_upgrade

Policy Details

Rule Reference ID: AC_AWS_0201
CSP: AWS
Remediation Available: Yes
Domain: Security Best Practices
Resource: aws_redshift_cluster
Resource Category: Database
Resource Type: Redshift

Frameworks