AWS RedShift Audit

Deferred Maintenance

Deferred Maintenance feature should be enabled for your Amazon Redshift clusters.

Enable Redshift User Activity Logging

User activity logging should be enabled for your Amazon Redshift clusters.

Idle Redshift Cluster

Idle AWS Redshift clusters should be terminated in order to optimize AWS costs.

Redshift Automated Snapshot Retention Period

Retention period should be enabled for Amazon Redshift automated snapshots.

Redshift Cluster Allow Version Upgrade

Version Upgrade should be enabled for Redshift clusters to automatically receive upgrades during the maintenance window.

Redshift Cluster Audit Logging Enabled

Audit logging should be enabled for Redshift clusters for security and troubleshooting purposes.

Redshift Cluster Default Master Username

AWS Redshift database clusters should not be using "awsuser" (default master user name) for database access.

Redshift Cluster Default Port

Amazon Redshift clusters should not be using port 5439 (default port) for database access.

Redshift Cluster Encrypted

Database encryption should be enabled for AWS Redshift clusters to protect your data at rest.

Redshift Cluster Encrypted With KMS Customer Master Keys

Redshift clusters should be encrypted with KMS customer master keys (CMKs) in order to have full control over data encryption and decryption.

Redshift Cluster In VPC

Amazon Redshift clusters should be launched within a Virtual Private Cloud (VPC).

Redshift Cluster Publicly Accessible

Amazon Redshift clusters should not be publicly accessible in order to minimise security risks.

Redshift Desired Node Type

Your AWS Redshift cluster nodes should be of a given type.

Redshift Disk Space Usage

AWS Redshift clusters with high disk usage should be scaled to increase their storage capacity.

Redshift Instance Generation

Redshift clusters should be using the latest generation of nodes for performance improvements.

Redshift Nodes Counts

Your AWS account should not have reached the limit set for the number of Redshift cluster nodes.

Redshift Parameter Group Require SSL

AWS Redshift non-default parameter groups require SSL to secure data in transit.

Redshift Reserved Node Lease Expiration In The Next 30 Days

Amazon Redshift Reserved Nodes (RN) should be renewed before expiration.

Redshift Reserved Node Lease Expiration In The Next 7 Days

Amazon Redshift Reserved Nodes (RN) should be renewed before expiration.

Redshift Reserved Node Payment Failed

Ensure that none of your AWS Redshift Reserved Node purchases have been failed.

Redshift Reserved Node Payment Pending

Ensure that none of your AWS Redshift Reserved Node purchases are pending.

Redshift Reserved Node Recent Purchases

Ensure Redshift Reserved Node purchases are regularly reviewed for cost optimization (informational).

Underutilized Redshift Cluster

Underutilized Redshift clusters should be downsized in order to optimize AWS costs.

Unused Redshift Reserved Nodes

Ensure that your Amazon Redshift Reserved Nodes are being utilized.

We suggest you use the checklist!

If you are not yet convinced to sign up with Cloudanix, that's not a problem. We recommend you use a comprehensive checklist which your team can use to perform a manual assessment of your workload.