Why Should Amazon Redshift Clusters Not Be Publicly Accessible?


Cloud security is a priority for most organizations. They want their cloud infrastructure to be secure enough that they can deploy data and resources without worrying about security threats. One necessary step is making sure that your Amazon Redshift clusters are not publicly accessible.

Why should Amazon Redshift clusters not be publicly accessible?

Users can control the accessibility and privacy of Redshift clusters associated with EC2-VPC. It is recommended that Redshift clusters not be publicly accessible to other accounts in AWS. A publicly accessible cluster means that other AWS users can access your cluster and the data stored in it, which can lead to misuse.

How can Centilytics assist you?

Centilytics lists all of your publicly accessible Redshift clusters and lets you analyze and act on them using your AWS account.

Insight descriptions

There are two possible scenarios:

| Severity | Description |
|----------|-------------|
| OK | Displayed when the Redshift cluster's accessibility is secured, i.e. the cluster is not publicly accessible to other accounts on AWS. |
| CRITICAL | Displayed when the Redshift cluster's accessibility is not secured, i.e. the cluster is publicly accessible to other accounts on AWS. |

The remaining columns are described below:

  1. Account Id: This column shows the account ID of the user's account.
  2. Account Name: This column shows the account name corresponding to the user's account.
  3. Region: This column shows the region in which the corresponding Redshift cluster exists.
  4. Identifier: This column shows the name of the corresponding Redshift cluster.
  5. Publicly Accessible: This column shows whether the corresponding Amazon Redshift cluster is publicly accessible. If a cluster is publicly accessible, true is displayed; otherwise false is displayed.

Filters applicable:

| Filter Name | Description |
|-------------|-------------|
| Account Id | Applying the account Id filter displays data for the selected account Id. |
| Region | Applying the region filter displays data for the selected region. |
| Severity | Applying the severity filter displays data for the selected severity type, i.e. selecting critical displays all resources with critical severity. The same applies to the warning and ok severity types. |
| Resource Tags | Applying the resource tags filter displays the resources that have been assigned the selected resource tag. For example, if the user has tagged some resources with a tag named environment, then selecting environment from the resource tags filter displays the data for those resources. |
| Resource Tags Value | Applying the resource tags value filter displays data that has the selected resource tag value. For example, if the user has tagged some resources with a tag named "environment" and given it the value production (environment:production), the user can view data for all resources tagged "environment:production". The tag value filter can be used only when a tag name has been provided. |
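
The check and filters described above can be reproduced directly from the output of `aws redshift describe-clusters`. The following is an added example, not Centilytics' own code: it maps the `PubliclyAccessible` field to the OK/CRITICAL severities and applies the region, severity and tag filters. The function names, the account ID and the sample clusters are constructed for illustration, and treating a missing flag as CRITICAL is a choice of this example.

```python
import json

# Constructed sample: `aws redshift describe-clusters` output per region, cut
# down to the fields this check reads. Every name and value here is made up.
SAMPLE = {
    "us-east-1": json.dumps({"Clusters": [
        {"ClusterIdentifier": "analytics-prod", "PubliclyAccessible": True,
         "Tags": [{"Key": "environment", "Value": "production"}]},
        {"ClusterIdentifier": "etl-dev", "PubliclyAccessible": False,
         "Tags": [{"Key": "environment", "Value": "dev"}]}]}),
    "eu-west-1": json.dumps({"Clusters": [
        {"ClusterIdentifier": "reports", "PubliclyAccessible": True, "Tags": []},
        {"ClusterIdentifier": "legacy"}]}),  # flag absent from this record
}

def audit(account_id, outputs_by_region):
    """Build one row per cluster using the columns described above."""
    rows = []
    for region, raw in sorted(outputs_by_region.items()):
        for cluster in json.loads(raw).get("Clusters", []):
            public = cluster.get("PubliclyAccessible")
            rows.append({
                "account_id": account_id,
                "region": region,
                "identifier": cluster["ClusterIdentifier"],
                "publicly_accessible": public,
                # Assumption of this example: only an explicit false is OK,
                # so a record with the flag missing is not reported as safe.
                "severity": "OK" if public is False else "CRITICAL",
                "tags": {t["Key"]: t["Value"] for t in cluster.get("Tags", [])},
            })
    return rows

def apply_filters(rows, region=None, severity=None, tag=None, tag_value=None):
    """Apply the Region, Severity, Resource Tags and Tags Value filters."""
    if tag_value is not None and tag is None:
        raise ValueError("a tag value filter needs a tag name")
    return [r for r in rows
            if (region is None or r["region"] == region)
            and (severity is None or r["severity"] == severity)
            and (tag is None or tag in r["tags"])
            and (tag_value is None or r["tags"].get(tag) == tag_value)]

if __name__ == "__main__":
    for row in apply_filters(audit("111122223333", SAMPLE), severity="CRITICAL"):
        print(row["region"], row["identifier"], row["publicly_accessible"])
```

A cluster reported as CRITICAL can be switched off public access with `aws redshift modify-cluster --cluster-identifier <identifier> --no-publicly-accessible`.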

 

Read more: 

[1] https://docs.aws.amazon.com/redshift/latest/mgmt/welcome.html

[2] https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html
