Summary: Amazon has introduced significant security enhancements for Redshift to address vulnerabilities associated with misconfigurations and insecure defaults. The changes aim to provide stronger protection against data breaches and unauthorized access. Organizations are encouraged to review and adapt their configurations to align with these new security measures.
Affected: Amazon Redshift, AWS customers
Keypoints :
- Public access for new clusters will be restricted by default, requiring explicit permission for access.
- All clusters will now have encryption enabled by default, with users needing to specify an encryption key if not using an AWS-managed key.
- Secure SSL (TLS) connections will be enforced by default for all new and restored clusters to prevent data interception.
- These changes will affect newly created provisioned clusters, serverless workgroups, and restored clusters, while existing setups remain unchanged.
- Customers are encouraged to review and update their configurations to align with the new security defaults and avoid disruption.