Ensure AWS Redshift database clusters are not using 'awsuser' (default master user name) for database access

MEDIUM

Description

AWS Redshift database clusters are using 'awsuser' (default master user name) for database access.

Remediation

In AWS Console -

  1. Sign in to the AWS Console and go to the AWS Redshift Console.
  2. In the Redshift Dashboard, click on Databases.
  3. Select Modify to modify the instance of your choice.
  4. Change the username if it is something common like 'awsuser'.

In Terraform -

  1. In the aws_redshift_cluster resource, set the master_username field to something other than awsuser.
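One way to check this before apply, as an added example (not code from this policy or its scanner): it walks the parsed JSON from `terraform show -json <planfile>`, including child modules, and reports every aws_redshift_cluster planned with the default master user name. The function names and the sample plan are constructed for illustration, and the case-insensitive comparison is an assumption.

```python
DEFAULT_MASTER_USER = "awsuser"  # default master user name the rule flags


def sample_cluster(address, username):
    """Build one constructed aws_redshift_cluster entry for the sample plan."""
    return {"address": address, "type": "aws_redshift_cluster",
            "values": {"master_username": username}}


# Constructed sample shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = {"planned_values": {"root_module": {
    "resources": [
        sample_cluster("aws_redshift_cluster.analytics", "awsuser"),
        sample_cluster("aws_redshift_cluster.reporting", "rs_admin_7f3"),
        {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket", "values": {}},
    ],
    "child_modules": [{
        "address": "module.dw",
        "resources": [sample_cluster("module.dw.aws_redshift_cluster.this", "AwsUser")],
    }],
}}}


def iter_resources(module):
    """Yield every resource in a module and, recursively, in its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def find_default_master_users(plan):
    """Return sorted addresses of Redshift clusters planned with the default name."""
    root = plan.get("planned_values", {}).get("root_module", {})
    flagged = []
    for res in iter_resources(root):
        if res.get("type") != "aws_redshift_cluster":
            continue
        name = (res.get("values") or {}).get("master_username")
        # Assumption: compare case-insensitively so "AwsUser" is also flagged.
        if isinstance(name, str) and name.strip().lower() == DEFAULT_MASTER_USER:
            flagged.append(res["address"])
    return sorted(flagged)


if __name__ == "__main__":
    for address in find_default_master_users(SAMPLE_PLAN):
        print(f"FAIL {address}: master_username is '{DEFAULT_MASTER_USER}'")
```

To use it on a real plan, pass the result of `json.load()` on the `terraform show -json` output to `find_default_master_users` and fail the pipeline when the returned list is not empty.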

References:
https://docs.aws.amazon.com/redshift/latest/dg/r_Users.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_cluster

Policy Details

Rule Reference ID: AC_AWS_0383
CSP: AWS
Remediation Available: Yes
Resource Category: Database
Resource Type: Redshift

Frameworks