AWS Config Rule: Redshift Cluster KMS Enabled
REDSHIFT_CLUSTER_KMS_ENABLED
Eduardo Van Cauteren
Last Update vor 3 Monaten
Description: Checks if Amazon Redshift clusters are using a specified AWS Key Management Service (AWS KMS) key for encryption. The rule is COMPLIANT if encryption is enabled and the cluster is encrypted with the key provided in the kmsKeyArn parameter. The rule is NON_COMPLIANT if the cluster is not encrypted or encrypted with another key.
Trigger type: Configuration changes
AWS Region: All supported AWS regions
How to Resolve Manually
This rule checks whether you have enabled KMS encryption on your Redshift Cluster. If it is disabled, the config rule will be marked as non-compliant.
To resolve this manually, go to Amazon Redshift Console, click on Clusters and then choose the cluster you want to update. Click on Properties tab, locate the Database configurations card then click on edit button and select Edit encryption.
Choose the desired encryption values and finally click on Save changes button.
Check the following screenshot as a reference:
Want to know more about StackZone and how to make your cloud management simple and secure?
Check our how it works section with easy to follow videos or just create your own StackZone Account here
