Data at risk

Redshift cluster allows unrestricted inbound traffic

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Redshift clusters are associated with security groups in order to allow other users access to them. Redshift cluster ""{AwsRedshiftCluster}"" is associated with security groups which allow inbound access from any IP address (0.0.0.0/0 or ::/0). These security groups are - {AwsRedshiftCluster.VpcSecurityGroups}. Allowing unrestricted access to the cluster may put your data at risk

  • Recommended Mitigation

    It is recommended to associate Redshift clusters with security groups that allow inbound traffic only from authorized IP addresses. More information can be found here: <a href="https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-security-groups.html" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-security-groups.html</a>

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.