Redshift DB is not encrypted Affecting Redshift service in AWS

Snyk CCSS

Data / Access

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CIS-Controls CSA-CCM GDPR HIPAA ISO-27001 NIST-800-53 SOC-2

Snyk ID SNYK-CC-00233
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Should someone gain unauthorized access to the data, they would be able to read the contents.

How to fix?

Set the aws_redshift_cluster encrypted attribute to true.

Example Configuration

resource "aws_redshift_cluster" "encryption_enabled" {
  cluster_identifier = "tf-redshift-cluster"
  database_name      = "mydb"
  master_username    = "myusername"
  master_password    = "Mustbe8characters"
  node_type          = "dc1.large"
  cluster_type       = "single-node"
  encrypted          = true
}

Terraform

Resource: aws_redshift_cluster

References

Encryption at rest