Language: terraform
Severity: high
Service: redshift
Provider: AWS
Vulnerability Type: omission

Description

The Redshift cluster is deployed without specifying a subnet group, causing it to run outside of a defined VPC in EC2 Classic mode. This configuration lacks the network isolation and security controls provided by a VPC.

Impact

Without VPC protection, the Redshift cluster is exposed to broader network access, increasing the risk of unauthorized access or data breaches. Attackers could exploit this exposure to access sensitive data or disrupt cluster operations.

Resolution

Deploy the Redshift cluster into a non-default VPC by specifying a subnet group.
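
The flagged configuration beside a corrected one, as an added Terraform example that is not taken from the rule's own documentation. All resource names, identifiers, CIDR ranges and the node type are assumptions chosen for illustration.

```hcl
# Added example; every name, CIDR range and identifier below is an assumption.

variable "redshift_master_password" {
  type      = string
  sensitive = true # keep the credential out of the configuration itself
}

# Flagged: cluster_subnet_group_name is omitted, which is the condition
# this rule reports.
resource "aws_redshift_cluster" "flagged" {
  cluster_identifier = "example-flagged"
  database_name      = "analytics"
  master_username    = "exampleadmin"
  master_password    = var.redshift_master_password
  node_type          = "ra3.xlplus"
  cluster_type       = "single-node"
}

# Corrected: a dedicated (non-default) VPC, a private subnet inside it,
# and a Redshift subnet group that the cluster references.
resource "aws_vpc" "redshift" {
  cidr_block = "10.20.0.0/16"
}

resource "aws_subnet" "redshift_private" {
  vpc_id                  = aws_vpc.redshift.id
  cidr_block              = "10.20.1.0/24"
  map_public_ip_on_launch = false
}

resource "aws_redshift_subnet_group" "redshift" {
  name       = "example-redshift-subnets"
  subnet_ids = [aws_subnet.redshift_private.id]
}

resource "aws_redshift_cluster" "corrected" {
  cluster_identifier        = "example-corrected"
  database_name             = "analytics"
  master_username           = "exampleadmin"
  master_password           = var.redshift_master_password
  node_type                 = "ra3.xlplus"
  cluster_type              = "single-node"
  cluster_subnet_group_name = aws_redshift_subnet_group.redshift.name
  publicly_accessible       = false # no public endpoint for the cluster
}
```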