Checks whether Amazon Redshift clusters are configured to automatically upgrade to major versions, keeping the software up to date.
| Rule | Amazon Redshift should have automatic upgrades to major versions enabled |
| Framework | AWS Foundational Security Best Practices |
| Severity | Medium |
Rule Description:
Enabling automatic upgrades to major versions for Amazon Redshift is a best practice recommended by AWS Foundational Security Best Practices. It ensures that your Redshift clusters run the latest version, which includes important security patches, bug fixes, and new features.
Troubleshooting Steps:
If automatic upgrades to major versions are not enabled for Amazon Redshift, you can follow the steps below to enable them:
Necessary Codes:
There are no specific codes required for this configuration. You will need to update the Redshift cluster settings in the AWS Management Console or using AWS CLI commands.
Step-by-Step Guide for Remediation:
AWS Management Console:
AWS CLI: You can also enable automatic upgrades using AWS CLI with the following command:
aws redshift modify-cluster --cluster-identifier <cluster-identifier> --automated-snapshot-retention-period <value> --allow-version-upgrade
Be sure to replace <cluster-identifier> with your Redshift cluster identifier and <value> with the desired retention period for automated snapshots.

By following the above steps, you will successfully enable automatic upgrades to major versions for Amazon Redshift clusters, in alignment with AWS Foundational Security Best Practices.
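
The check this rule performs can be reproduced across every cluster before remediating. The following is an added example, not code from the original page: it evaluates the `AllowVersionUpgrade` field returned by `describe-clusters` and builds a `modify-cluster` command for each failing cluster, passing only `--allow-version-upgrade` so the existing snapshot retention setting is left unchanged. The sample cluster identifiers are constructed, and the `fetch_clusters` helper assumes boto3 and AWS credentials are available.

```python
import shlex

# Constructed sample shaped like the "Clusters" list in a
# `aws redshift describe-clusters` response; identifiers are made up.
SAMPLE_CLUSTERS = [
    {"ClusterIdentifier": "analytics-prod", "AllowVersionUpgrade": True},
    {"ClusterIdentifier": "reporting-dev", "AllowVersionUpgrade": False},
    {"ClusterIdentifier": "etl-staging"},  # field absent: treated as failing
]


def evaluate(clusters):
    """Split clusters into (compliant, non_compliant) identifier lists."""
    compliant, non_compliant = [], []
    for cluster in clusters:
        # Fail closed: only an explicit True passes the rule.
        ok = cluster.get("AllowVersionUpgrade") is True
        (compliant if ok else non_compliant).append(cluster["ClusterIdentifier"])
    return compliant, non_compliant


def remediation_commands(cluster_ids):
    """Build one modify-cluster command per failing cluster."""
    return [
        "aws redshift modify-cluster --cluster-identifier "
        f"{shlex.quote(cid)} --allow-version-upgrade"
        for cid in cluster_ids
    ]


def fetch_clusters(region=None):
    """Live path (assumes boto3 and AWS credentials are available)."""
    import boto3  # imported lazily so the offline sample runs without it

    client = boto3.client("redshift", region_name=region)
    clusters = []
    for page in client.get_paginator("describe_clusters").paginate():
        clusters.extend(page["Clusters"])
    return clusters


if __name__ == "__main__":
    passed, failed = evaluate(SAMPLE_CLUSTERS)
    print("compliant:", passed)
    print("non-compliant:", failed)
    for command in remediation_commands(failed):
        print(command)
```

To run it against a real account, pass `fetch_clusters()` to `evaluate` in place of `SAMPLE_CLUSTERS`.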