Redshift clusters that contain sensitive data or are subject to regulation should be encrypted at rest to prevent data leakage should the infrastructure be compromised.
Impact
Data may be leaked if infrastructure is compromised
Recommended Actions
Follow the appropriate remediation steps below to resolve the issue.
Enable encryption using CMK
1
2
3
4
5
6
7
8
9
10
AWSTemplateFormatVersion: 2010-09-09
Description: Good example of redshift cluster
Resources:
Queue:
Type: AWS::Redshift::Cluster
Properties:
Encrypted: true
KmsKeyId: "something"