turbot/aws_perimeter

Control: Redshift clusters should prohibit public access

Description

This control checks whether Redshift clusters are publicly accessible. It is recommended that your Redshift clusters should not be public in order to prevent potential leak or misuse of sensitive data or any other kind of security threat.

Usage

Run the control in your terminal:

powerpipe control run aws_perimeter.control.redshift_cluster_prohibit_public_access

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_perimeter.control.redshift_cluster_prohibit_public_access --share

Steampipe Tables

SQL

select
cluster_namespace_arn as resource,
case
when publicly_accessible then 'alarm'
else 'ok'
end status,
case
when publicly_accessible then title || ' publicly accessible.'
else title || ' not publicly accessible.'
end reason
, region, account_id
from
aws_redshift_cluster;

Tags