AWS Redshift
About
Monitor and audit Redshift to ensure security, availability, reliability is not compromised.
Reliability
Deferred Maintenance
Deferred Maintenance feature should be enabled for your Amazon Redshift clusters.
Security
Enable Redshift User Activity Logging
User activity logging should be enabled for your Amazon Redshift clusters.
Redshift Automated Snapshot Retention Period
Retention period should be enabled for Amazon Redshift automated snapshots.
Redshift Cluster Allow Version Upgrade
Version Upgrade should be enabled for Redshift clusters to automatically receive upgrades during the maintenance window.
Redshift Cluster Audit Logging Enabled
Audit logging should be enabled for Redshift clusters for security and troubleshooting purposes.
Redshift Cluster Default Master Username
AWS Redshift database clusters should not be using "awsuser" (default master user name) for database access.
Redshift Cluster Default Port
Amazon Redshift clusters should not be using port 5439 (default port) for database access.
Redshift Cluster Encrypted
Database encryption should be enabled for AWS Redshift clusters to protect your data at rest.
Redshift Cluster Encrypted With KMS Customer Master Keys
Redshift clusters should be encrypted with KMS customer master keys (CMKs) in order to have full control over data encryption and decryption.
Redshift Cluster In VPC
Amazon Redshift clusters should be launched within a Virtual Private Cloud (VPC).
Redshift Cluster Publicly Accessible
Amazon Redshift clusters should not be publicly accessible in order to minimise security risks.
Redshift Desired Node Type
Your AWS Redshift cluster nodes should be of a given type.
Redshift Nodes Counts
Your AWS account should not have reached the limit set for the number of Redshift cluster nodes.
Redshift Parameter Group Require SSL
AWS Redshift non-default parameter groups require SSL to secure data in transit.
Cost optimisation
Idle Redshift Cluster
Idle AWS Redshift clusters should be terminated in order to optimize AWS costs.
Redshift Reserved Node Lease Expiration In The Next 30 Days
Amazon Redshift Reserved Nodes (RN) should be renewed before expiration.
Redshift Reserved Node Lease Expiration In The Next 7 Days
Amazon Redshift Reserved Nodes (RN) should be renewed before expiration.
Redshift Reserved Node Payment Failed
Ensure that none of your AWS Redshift Reserved Node purchases have been failed.
Redshift Reserved Node Payment Pending
Ensure that none of your AWS Redshift Reserved Node purchases are pending.
Redshift Reserved Node Recent Purchases
Ensure Redshift Reserved Node purchases are regularly reviewed for cost optimization (informational).
Underutilized Redshift Cluster
Underutilized Redshift clusters should be downsized in order to optimize AWS costs.
Unused Redshift Reserved Nodes
Ensure that your Amazon Redshift Reserved Nodes are being utilized.
Performance Efficiency
Redshift Disk Space Usage
AWS Redshift clusters with high disk usage should be scaled to increase their storage capacity.
Redshift Instance Generation
Redshift clusters should be using the latest generation of nodes for performance improvements.
Sources
https://www.cloudanix.com/recipelist/aws/redshiftmonitoring
Help Us Improve!
If you have any suggestions to improve this checklist, please let us know by filling out
this form.
