AWS Config Rule: Redshift Cluster Require TLS SSL
REDSHIFT_REQUIRE_TLS_SSL
Fernando Honig
Last Update 10 months ago
Description: Checks whether Amazon Redshift clusters require TLS/SSL encryption to connect to SQL clients. The rule is NON_COMPLIANT if any Amazon Redshift cluster has parameter require_SSL not set to true.
Trigger type: Configuration changes
AWS Region: All supported AWS regions except Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Europe (Spain), Europe (Zurich) Region
How to Resolve Manually
To resolve this manually, you will need to take a look at the assigned Parameter Group for your Redshift Cluster
According to the AWS Documentation on default values for Parameter Groups, the require_ssl parameter is by default set to false.
You will be able to modify the parmeters using the AWS CLI with the following command:
aws redshift modify-cluster-parameter-group --parameter-group-name your-param-group-name --parameters ParameterName=require_ssl,ParameterValue=true
Want to know more about StackZone and how to make your cloud management simple and secure?
Check our how it works section with easy to follow videos or just create your own StackZone Account here
