Enable Audit Logging for Redshift Clusters
Ensures that Amazon Redshift clusters have audit logging enabled for security, compliance, and troubleshooting.
| Rule | Amazon Redshift clusters should have audit logging enabled |
| Framework | AWS Foundational Security Best Practices |
| Severity | ✔ Medium |
Rule Description:
To ensure compliance with AWS Foundational Security Best Practices, it is recommended to enable audit logging for Amazon Redshift clusters. Audit logging helps in monitoring and tracking activities within the Redshift cluster, providing valuable insights for security and compliance purposes.
Troubleshooting Steps:
If audit logging is not enabled for the Amazon Redshift cluster, follow the steps below:
- 1.Navigate to the Amazon Redshift console.
- 2.Select the Redshift cluster for which you want to enable audit logging.
- 3.Click on the "Properties" tab.
- 4.Under the "Cluster operations" section, find the "Audit logging" option.
- 5.Click on "Edit".
- 6.Enable audit logging by selecting the appropriate settings.
- 7.Click on "Save" to apply the changes.
Necessary Codes:
No specific codes required for enabling audit logging for Amazon Redshift clusters as it can be done through the AWS Management Console.
Remediation Steps:
To enable audit logging for an Amazon Redshift cluster, follow the steps below:
- 1.Open the Amazon Redshift Console.
- 2.Select the Redshift cluster for which you want to enable audit logging.
- 3.Click on the "Properties" tab.
- 4.Under the "Cluster operations" section, locate the "Audit logging" option and click on "Edit".
- 5.Choose the appropriate settings for audit logging (e.g., enable logging, specify the Amazon S3 bucket for logs, set the encryption options).
- 6.Click on "Save" to apply the changes.
By following these steps, audit logging will be successfully enabled for the Amazon Redshift cluster, ensuring compliance with AWS Foundational Security Best Practices.