
Redshift cluster should use a specific VPC

Severity: HIGH
Exploitability: MEDIUM
Providers: AWS
Categories: PERMISSION

Description

AWS Redshift is a fully managed data warehousing solution from Amazon Web Services. It is capable of processing structured and unstructured data in the range of thousands of petabytes.

By default, Redshift clusters are placed in the default VPC (EC2-Classic mode has been deprecated). The default VPC provides both public ingress and egress to resources placed inside it.

The cluster should be in a user-defined VPC subnet so that access is restricted by default.
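The following checker is an added example, not part of the original rule page. It evaluates the rule offline against responses shaped like those of the AWS API calls redshift:DescribeClusters (the Cluster 'VpcId' field) and ec2:DescribeVpcs (the Vpc 'IsDefault' flag); the sample responses, cluster identifiers and VPC ids below are constructed and hypothetical.

```python
"""Flag Redshift clusters that still live in the account's default VPC.

Added example (not from the original rule page). The sample responses are
constructed; the cluster identifiers and VPC ids in them are hypothetical.
"""

from typing import Dict, List, Set


def default_vpc_ids(describe_vpcs_response: Dict) -> Set[str]:
    """Return the ids of VPCs that AWS marks as the account's default VPC.

    Each entry in the DescribeVpcs 'Vpcs' list carries an 'IsDefault' flag.
    """
    return {
        vpc["VpcId"]
        for vpc in describe_vpcs_response.get("Vpcs", [])
        if vpc.get("IsDefault", False)
    }


def find_noncompliant_clusters(describe_clusters_response: Dict,
                               describe_vpcs_response: Dict) -> List[Dict]:
    """List clusters that violate the rule, with the reason for each.

    A cluster is non-compliant when its 'VpcId' is a default VPC. A missing
    'VpcId' is also reported, because such a cluster is not in a
    user-defined VPC subnet either.
    """
    defaults = default_vpc_ids(describe_vpcs_response)
    findings = []
    for cluster in describe_clusters_response.get("Clusters", []):
        vpc_id = cluster.get("VpcId")
        if vpc_id is None:
            reason = "no VpcId: cluster is not in a user-defined VPC subnet"
        elif vpc_id in defaults:
            reason = f"cluster is in default VPC {vpc_id}"
        else:
            continue  # custom VPC: compliant
        findings.append({
            "ClusterIdentifier": cluster.get("ClusterIdentifier"),
            "VpcId": vpc_id,
            # Surfaced because a public cluster in the default VPC is the
            # worst case for the data exposure described in the Impact section.
            "PubliclyAccessible": cluster.get("PubliclyAccessible", False),
            "Reason": reason,
        })
    return findings


# Constructed sample responses (hypothetical identifiers), shaped like the
# real API output so the checker can be exercised without AWS credentials.
SAMPLE_VPCS = {
    "Vpcs": [
        {"VpcId": "vpc-0default000000001", "IsDefault": True},
        {"VpcId": "vpc-0custom0000000002", "IsDefault": False},
    ]
}

SAMPLE_CLUSTERS = {
    "Clusters": [
        {"ClusterIdentifier": "analytics-prod",
         "VpcId": "vpc-0custom0000000002",
         "ClusterSubnetGroupName": "analytics-private",
         "PubliclyAccessible": False},
        {"ClusterIdentifier": "legacy-reports",
         "VpcId": "vpc-0default000000001",
         "ClusterSubnetGroupName": "default",
         "PubliclyAccessible": True},
    ]
}


def main() -> None:
    # In a live account the two inputs would come from
    #   boto3.client("redshift").describe_clusters() and
    #   boto3.client("ec2").describe_vpcs();
    # here the constructed samples stand in for those calls.
    for finding in find_noncompliant_clusters(SAMPLE_CLUSTERS, SAMPLE_VPCS):
        exposure = ("publicly accessible" if finding["PubliclyAccessible"]
                    else "not publicly accessible")
        print(f"{finding['ClusterIdentifier']}: {finding['Reason']} ({exposure})")


if __name__ == "__main__":
    main()
```

Run as-is it reports only `legacy-reports`; replace the two sample dictionaries with the real API responses to audit an account. The check keys on the VPC's `IsDefault` flag rather than on the subnet group name, because a subnet group named "default" can be user-defined while a default VPC is whatever AWS created.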

Impact

Potential data exposure: True
Visible in logs: False
User interaction required: False
Privileges required: True

Leaving the cluster in the default VPC instead of a user-defined subnet can lead to data leakage and unauthorized access.

Remediation guidelines

Move the cluster from the default VPC to a custom VPC. Note that the cluster will have to be re-created, which will incur some downtime.

You can follow the detailed instructions in this AWS migration guide.
