Redshift cluster allows unrestricted inbound traffic

Data at risk

Redshift cluster allows unrestricted inbound traffic

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

CCM-CSA
GDPR
HITRUST
NIST 800-53

Description

Redshift clusters are associated with security groups in order to allow other users access to them. Redshift cluster ""{AwsRedshiftCluster}"" is associated with security groups which allow inbound access from any IP address (0.0.0.0/0 or ::/0). These security groups are - {AwsRedshiftCluster.VpcSecurityGroups}. Allowing unrestricted access to the cluster may put your data at risk

Recommended Mitigation

It is recommended to associate Redshift clusters with security groups that allow inbound traffic only from authorized IP addresses. More information can be found here: https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-security-groups.html

Redshift cluster allows unrestricted inbound traffic

Description

Need help?