Azure and GCP Perimeter Security, CIS Updates, and Enhanced Plugins →
Powerpipe Hub 
Hub
Mods
turbot/steampipe-mod-aws-compliance
Overview
35Dashboards
1534Benchmarks
673Queries
9Variables
GitHub

Control: Redshift Serverless namespaces should not use the default admin username

Description

This control checks whether the admin username for an Amazon Redshift Serverless namespace is the default admin username, admin. The control fails if the admin username for the Redshift Serverless namespace is admin. You can optionally specify a list of admin usernames for the control to include in the evaluation.

Usage

Run the control in your terminal:

powerpipe control run aws_compliance.control.redshiftserverless_namespace_no_default_admin_username

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_compliance.control.redshiftserverless_namespace_no_default_admin_username --share

SQL

This control uses a named query:

select
  namespace_arn as resource,
  case
    when admin_username = 'admin' then 'alarm'
    else 'ok'
  end as status,
  case
    when admin_username = 'admin' then title || ' uses default admin username.'
    else title || ' not uses default admin username.'
  end as reason
  
  , region, account_id
from
  aws_redshiftserverless_namespace;

Tags

category = Compliance
plugin = aws
service = AWS/RedshiftServerless