AWS Redshift has introduced significant changes to enhance security for newly created clusters, including disabling public accessibility by default, mandating database encryption, and enforcing secure connections. Now, clusters are only accessible within a customer's virtual private cloud (VPC), with public access requiring explicit configuration. Additionally, all clusters created without specified encryption keys will automatically use AWS-managed encryption. Finally, secure communication is enforced by default, ensuring data integrity and confidentiality. These changes aim to help users better protect their data and comply with security best practices.
Public accessibility to data has been disabled. Newly-created clusters will be accessible only within a customer's virtual private cloud [VPC]. If an administrator needs public access, they must explicitly override the default and set the ".
Database encryption is enabled by default, so the ability to create unencrypted clusters in the Redshift console is gone. When an admin uses the console, CLI, API, or CloudFormation to create a provisioned cluster without specifying an AWS Key Management Service (AWS KMS) key, the cluster will automatically be encrypted with an AWS-owned key.
Secure connections are enforced by default, so communication between applications and Amazon Redshift is encrypted to protect the confidentiality and integrity of the data.
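The defaults above are described for newly created clusters. The following added example (not code from AWS or from the original page) checks the same three settings on any cluster description shaped like the boto3 `describe_clusters` and `describe_cluster_parameters` responses. The function names and sample data are constructed, and using the `require_ssl` cluster parameter as the indicator of enforced secure connections is an assumption of this example.

```python
# Added example. Inputs mirror the shape of boto3 Redshift describe_clusters()
# and describe_cluster_parameters() responses; all sample data is constructed.

def index_parameters(parameters):
    """Flatten a 'Parameters' list into {ParameterName: ParameterValue}."""
    return {p["ParameterName"]: p.get("ParameterValue") for p in parameters}

def audit_cluster(cluster, params_by_group):
    """Return findings for one cluster; an empty list means all three checks pass."""
    findings = []
    if cluster.get("PubliclyAccessible", False):
        findings.append("publicly accessible")
    if not cluster.get("Encrypted", False):
        findings.append("not encrypted at rest")
    groups = [g["ParameterGroupName"] for g in cluster.get("ClusterParameterGroups", [])]
    if not groups:
        findings.append("no parameter group listed; require_ssl unknown")
    for name in groups:
        params = params_by_group.get(name)
        if params is None:  # group was not fetched: report it, do not assume
            findings.append(f"parameter group {name} not fetched; require_ssl unknown")
        elif str(params.get("require_ssl", "false")).strip().lower() != "true":
            findings.append(f"require_ssl is not true in parameter group {name}")
    return findings

def audit(clusters, params_by_group):
    """Map each ClusterIdentifier to its list of findings."""
    return {c["ClusterIdentifier"]: audit_cluster(c, params_by_group) for c in clusters}

# Constructed sample: one older cluster and one with the defaults described above.
SAMPLE_CLUSTERS = [
    {"ClusterIdentifier": "legacy-analytics", "PubliclyAccessible": True,
     "Encrypted": False,
     "ClusterParameterGroups": [{"ParameterGroupName": "legacy-params"}]},
    {"ClusterIdentifier": "new-reporting", "PubliclyAccessible": False,
     "Encrypted": True,
     "ClusterParameterGroups": [{"ParameterGroupName": "strict-params"}]},
]
SAMPLE_PARAMS = {
    "legacy-params": index_parameters(
        [{"ParameterName": "require_ssl", "ParameterValue": "false"}]),
    "strict-params": index_parameters(
        [{"ParameterName": "require_ssl", "ParameterValue": "true"}]),
}

if __name__ == "__main__":
    for cluster_id, findings in audit(SAMPLE_CLUSTERS, SAMPLE_PARAMS).items():
        print(cluster_id, "->", findings or "OK")
```

To run it against a real account, feed it the `Clusters` list and each group's `Parameters` list returned by those two API calls.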