Description:
Amazon Redshift is a fully managed, petabyte-scale data warehouse service in the cloud. You can start with just a few hundred gigabytes of data and scale to a petabyte or more. This enables you to use your data to acquire new insights for your business and customers.
Rational:
Snapshots are point-in-time backups of a cluster. There are two types of snapshots: automated and manual. You can create a snapshot schedule to control when automated snapshots are taken, or you can take a manual snapshot any time. Redshift stores these snapshots internally in Amazon S3 by using an encrypted Secure Sockets Layer (SSL) connection.
Impact:
Redshift automatically takes incremental snapshots that track changes to the cluster since the previous automated snapshot. Automated snapshots retain all of the data required to restore a cluster from a snapshot.
Default value:
By default, the Redshift cluster enables Automatic Backup.
Audit:
Login to AWS management console
Go to Amazon Redshift service at https://console.aws.amazon.com/redshiftv2
Click on the clusters in the left navigation pane
Select the cluster you want to examine and go to the configurations tab
Under the Backup section, verify the Automated Snapshot Retention Period attribute value.
If the value is set to 0, the particular cluster is not taking automated backups.
Via CLI:
aws redshift describe-clusters
--region us-east-1
--cluster-identifier cc-redshift-cluster
--query 'Clusters[*].AutomatedSnapshotRetentionPeriod'
Remediation:
Pre-requisites:
Sign in as admin or IAM user with required permissions
Implementation steps:
Login to AWS management console
Go to Amazon Redshift service at https://console.aws.amazon.com/redshiftv2
Click on the clusters in the left navigation pane
- Select the cluster you want to enable backups and click on Modify
- In the Modify Cluster page, select a number between 1 and 35 from the Automated snapshot retention period dropdown list to enable automated backups
- Click on Modify
Via CLI:
aws redshift modify-cluster
--region us-east-1
--cluster-identifier cc-redshift-cluster
--automated-snapshot-retention-period 15
Backout plan:
To revoke the changes follow the implementation steps and in step 5 set the retention period as you require.
To disable automated snapshots, set the retention period to zero. If you disable automated snapshots, Amazon Redshift stops taking snapshots and deletes any existing automated snapshots for the cluster.
Note:
When automated snapshots are enabled for a cluster, Amazon Redshift periodically takes snapshots of that cluster. By default, Amazon Redshift takes a snapshot about every eight hours or following every 5 GB per node of data changes, or whichever comes first. Alternatively, you can create a snapshot schedule to control when automated snapshots are taken. Automated snapshots are enabled by default when you create a cluster.