- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Confirm Redshift clusters are using a custom master user name, versus the default master user name.
Default master user names for publicly accessible clusters can be a backdoor for hacking. While setting a custom master user name alone does not fully protect against attacks, restricting the root account only to privileged users and using additional password measures can add an additional layer of protection.
Follow the Getting information about cluster configuration docs to access your cluster configuration information. If the cluster has a master user name of awsuser
, it is the default master user name. Modify the user name to a custom user name in the console.
Run describe-clusters
with a cluster-identifier
to retrieve cluster metadata.
describe-clusters.sh
aws redshift describe-clusters
--cluster-identifier cluster-name
Run create-cluster
with the returned cluster metadata to launch a new cluster with the existing metadata and a new master user name.
create-cluster.sh
aws redshift create-cluster
--cluster-identifier old-cluster-identifier
--master-username awsmasterusr
--vpc-security-group-ids id-012a3b4c
...
Re-run describe-clusters
with a custom query filter to retrieve the database cluster endpoint.
describe-clusters.sh
aws redshift describe-clusters
--cluster-identifier new-cluster-identifier
--query 'Clusters[*].Endpoint.Address'
Reload the old cluster data into the new database cluster with the Unload Copy Utility.
Use the returned new database cluster endpoint URL from step 3 to update your application’s configuration to point to the new cluster endpoint.
Run delete-cluster
to delete the old cluster.
delete-cluster.sh
aws redshift create-cluster
--cluster-identifier old-cluster-identifier
...