Data at risk

Redshift cluster allows unrestricted inbound traffic

Platform(s)
Compliance Frameworks
  • Brazilian General Data Protection (LGPD)
  • ,
  • CCPA
  • ,
  • coppa
  • ,
  • CPRA
  • ,
  • Data Security Posture Management (DSPM) Best Practices
  • ,
  • GDPR
  • ,
  • HITRUST
  • ,
  • iso_27001_2022
  • ,
  • iso_27002_2022
  • ,
  • Mitre ATT&CK
  • ,
  • New Zealand Information Security Manual
  • ,
  • NIST 800-53
  • ,
  • PDPA
  • ,
  • pipeda
  • ,
  • UK Cyber Essentials

Description

Redshift clusters are associated with security groups in order to allow other users access to them. Redshift cluster ""{AwsRedshiftCluster}"" is associated with security groups which allow inbound access from any IP address (0.0.0.0/0 or ::/0). These security groups are - {AwsRedshiftCluster.VpcSecurityGroups}. Allowing unrestricted access to the cluster may put your data at risk