Resource Type: AWS > Redshift > Cluster

Resource Context

Cluster is a part of the Redshift service.

Each Cluster lives under a Region.

Controls

The primary controls for AWS > Redshift > Cluster are:

• Active
• Approved
• Audit Logging
• Backup Retention Period
• CMDB
• Discovery
• Encryption at Rest
• Encryption in Transit
• Parameter Group
• Publicly Accessible
• Schedule
• Tags
• Usage

It is also targeted by these controls:

• AWS > HIPAA > Redshift > Amazon Redshift clusters should have automatic snapshots enabled
• AWS > HIPAA > Redshift > Redshift cluster audit logging and encryption should be enabled
• AWS > HIPAA > Redshift > Redshift cluster encryption in transit should be enabled
• AWS > HIPAA > Redshift > Redshift clusters should prohibit public access
• AWS > NIST 800-53 > Redshift > Amazon Redshift enhanced VPC routing should be enabled
• AWS > NIST 800-53 > Redshift > Redshift cluster audit logging and encryption should be enabled
• AWS > NIST 800-53 > Redshift > Redshift cluster encryption in transit should be enabled
• AWS > NIST 800-53 > Redshift > Redshift clusters should prohibit public access
• AWS > PCI v3.2.1 > Redshift > 1 Amazon Redshift clusters should prohibit public access

Quick Actions

• Delete from AWS
• Set Tags
• Skip alarm for Active control
• Skip alarm for Active control [90 days]
• Skip alarm for Approved control
• Skip alarm for Approved control [90 days]
• Skip alarm for Encryption at Rest control
• Skip alarm for Encryption at Rest control [90 days]
• Skip alarm for Tags control
• Skip alarm for Tags control [90 days]

Category

• Database

In Your Workspace

• Controls by Resource Type report
• Policy Settings by Resource Type report
• Resources by Resource Type report

Developers

Resource Type URI

tmod:@turbot/aws-redshift#/resource/types/cluster

Category URI

tmod:@turbot/turbot#/resource/categories/database

GraphQL

query resource(id: "tmod:@turbot/aws-redshift#/resource/types/cluster") { … }

query resourceActivities(filter: "resourceId:'tmod:@turbot/aws-redshift#/resource/types/cluster'") { … }

mutation createResource(input: { … })

mutation updateResource(input: { … })

CLI

Get Resource

turbot graphql resource --id "tmod:@turbot/aws-redshift#/resource/types/cluster"

Steampipe Query

Get Resource

select * from guardrails_resource where resource_type_uri = 'tmod:@turbot/aws-redshift#/resource/types/cluster';

Get Policy Settings (By Resource ID)

select * from guardrails_policy_setting where filter = 'resourceTypeId:"tmod:@turbot/aws-redshift#/resource/types/cluster"';

Get Resource Notification

select * from guardrails_notification where resource_type_uri = 'tmod:@turbot/aws-redshift#/resource/types/cluster' and notification_type in ('resource_updated', 'resource_created');