Redshift cluster is not using the EC2-VPC platform

redshift

Classification:

compliance

Set up the redshift integration.

Overview

Description

Confirm Redshift Clusters are using the AWS EC2-VPC platform for better cluster security.

Rationale

The AWS EC2-VPC platform offers better security control and traffic routing for clusters than the outdated EC2-Classic platform.

Remediation

Console

Follow the "Use EC2-VPC when you create your cluster" section of the AWS Redshift docs to learn how to launch clusters on the EC2-VPC platform from the console.

CLI

  1. Run describe-clusters with a cluster-identifier to retrieve cluster metadata.

    describe-clusters.sh

        aws redshift describe-clusters \
            --cluster-identifier cluster-id
        
  2. Run create-cluster with the metadata to launch a new cluster within a VPC.

    create-cluster.sh

        aws redshift create-cluster \
            --cluster-identifier cluster-id \
            --vpc-security-group-ids id-012a3b4c \
            --port 5439 \
            ...
        
  3. Re-run describe-clusters with a custom query filter to retrieve the database cluster endpoint.

    describe-clusters.sh

        aws redshift describe-clusters \
            --cluster-identifier cluster-id \
            --query 'Clusters[*].Endpoint.Address'
        
  4. Reload the old cluster's data into the new cluster with the Redshift Unload/Copy Utility.

  5. Run delete-cluster to delete the old cluster.

    delete-cluster.sh

        aws redshift delete-cluster \
            --cluster-identifier old-cluster-identifier \
            ...
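Before migrating, it helps to know which clusters in the account are actually affected. The following POSIX shell check is an added example and is not part of this rule page or of the AWS CLI itself. It assumes the `describe-clusters` listing is produced with `--query 'Clusters[*].[ClusterIdentifier,VpcId]' --output text`, which prints one tab-separated `identifier<TAB>vpc-id` line per cluster and the literal `None` where a cluster has no VPC (that is, it runs on EC2-Classic). The sample listing embedded below is constructed, so the script runs without AWS credentials.

```shell
#!/bin/sh
# Added example: flag Redshift clusters that are not on the EC2-VPC platform.
# A cluster on EC2-VPC has a VpcId; an EC2-Classic cluster has none, which the
# AWS CLI text output renders as "None" (or an empty field).

# fetch_listing pulls the live listing from the account (requires credentials).
# It is defined for real use but is not called by the sample run below.
fetch_listing() {
    aws redshift describe-clusters \
        --query 'Clusters[*].[ClusterIdentifier,VpcId]' \
        --output text
}

# classic_clusters reads "identifier<TAB>vpc-id" lines on stdin and prints the
# identifiers whose VpcId is missing or "None".
classic_clusters() {
    while IFS="$(printf '\t')" read -r cluster_id vpc_id; do
        [ -n "$cluster_id" ] || continue
        case "$vpc_id" in
            ""|None) printf '%s\n' "$cluster_id" ;;
        esac
    done
}

# audit_listing takes a listing as its argument, prints the offenders, and
# returns 1 if any EC2-Classic cluster is present, 0 otherwise.
audit_listing() {
    offenders="$(printf '%s\n' "$1" | classic_clusters)"
    if [ -n "$offenders" ]; then
        printf 'Clusters not on EC2-VPC (migrate these):\n%s\n' "$offenders"
        return 1
    fi
    echo "All clusters are on the EC2-VPC platform"
    return 0
}

# Constructed sample listing (assumption, not real account data): one VPC
# cluster, one with VpcId "None", and one with an empty VpcId field.
SAMPLE_LISTING="$(printf 'analytics-prod\tvpc-0a1b2c3d\nlegacy-reports\tNone\nstaging\t\n')"

# Sample run. For a live account, replace SAMPLE_LISTING with "$(fetch_listing)".
if audit_listing "$SAMPLE_LISTING"; then
    echo "compliant"
else
    echo "non-compliant"
fi
```

The check keys on `VpcId` rather than on the endpoint or security group fields because that is the attribute the EC2-VPC platform guarantees; a cluster with security groups but no VPC is still EC2-Classic.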