| CARVIEW |
redshift-cluster-configuration-check
Checks if Amazon Redshift clusters have the specified settings. The rule is NON_COMPLIANT if the Amazon Redshift cluster is not encrypted or encrypted with another key, or if a cluster does not have audit logging enabled.
Identifier: REDSHIFT_CLUSTER_CONFIGURATION_CHECK
Resource Types: AWS::Redshift::Cluster
Trigger type: Configuration changes
AWS Region: All supported AWS regions except Asia Pacific (Thailand), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Malaysia), Mexico (Central), Asia Pacific (Taipei), Canada West (Calgary), Europe (Spain) Region
Parameters:
- clusterDbEncrypted
- Type: boolean
- Default: true
-
Database encryption is enabled.
- loggingEnabled
- Type: boolean
- Default: true
-
Audit logging is enabled.
- nodeTypes (Optional)
- Type: CSV
- Default: dc1.large
-
Specify node type.
AWS CloudFormation template
To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.
Thanks for letting us know we're doing a good job!
If you've got a moment, please tell us what we did right so we can do more of it.
Thanks for letting us know this page needs work. We're sorry we let you down.
If you've got a moment, please tell us how we can make the documentation better.