AWS Config Rule: Redshift Cluster KMS Enabled

REDSHIFT_CLUSTER_KMS_ENABLED

Eduardo Van Cauteren

Last Update há 4 meses

Description: Checks if Amazon Redshift clusters are using a specified AWS Key Management Service (AWS KMS) key for encryption. The rule is COMPLIANT if encryption is enabled and the cluster is encrypted with the key provided in the kmsKeyArn parameter. The rule is NON_COMPLIANT if the cluster is not encrypted or encrypted with another key.


Trigger type: Configuration changes


AWS Region: All supported AWS regions


How to Resolve Manually

This rule checks whether you have enabled KMS encryption on your Redshift Cluster. If it is disabled, the config rule will be marked as non-compliant.


To resolve this manually, go to Amazon Redshift Console, click on Clusters and then choose the cluster you want to update. Click on Properties tab, locate the Database configurations card then click on edit button and select Edit encryption.

Choose the desired encryption values and finally click on Save changes button.

Check the following screenshot as a reference:


Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here

Was this article helpful?

0 out of 0 liked this article

Still need help? Message Us