AWS Config Rule: Redshift Cluster Require TLS SSL

REDSHIFT_REQUIRE_TLS_SSL

Fernando Honig

Last Update 8 months ago

Description: Checks whether Amazon Redshift clusters require TLS/SSL encryption to connect to SQL clients. The rule is NON_COMPLIANT if any Amazon Redshift cluster has parameter require_SSL not set to true.


Trigger type: Configuration changes


AWS Region: All supported AWS regions except Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Europe (Spain), Europe (Zurich) Region


How to Resolve Manually

To resolve this manually, you will need to take a look at the assigned Parameter Group for your Redshift Cluster


According to the AWS Documentation on default values for Parameter Groups, the require_ssl parameter is by default set to false.


You will be able to modify the parmeters using the AWS CLI with the following command:


aws redshift modify-cluster-parameter-group --parameter-group-name your-param-group-name --parameters ParameterName=require_ssl,ParameterValue=true

Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here

Was this article helpful?

0 out of 0 liked this article

Still need help? Message Us