Profile Applicability:
Level 1
Description:
Amazon Redshift is a fully managed data warehouse service that allows for scalable storage and fast query performance. One of the key features to ensure data durability and availability in case of failure is automated snapshots. Automated snapshots are backups that Amazon Redshift takes of the cluster at regular intervals, ensuring that your data is preserved and recoverable in case of unexpected failures.
Enabling automated snapshots allows you to restore a Redshift cluster to any point in time during the retention period, which ensures that data loss is minimized and recovery is possible even in case of hardware failure or human error.
Rationale:
Data Durability: Automated snapshots provide data protection by taking backups regularly and retaining them for a configurable period.
Disaster Recovery: With automated snapshots, you can recover your Redshift cluster to a specific point in time in case of failure, ensuring business continuity.
Compliance: Many compliance frameworks (e.g., SOC 2, HIPAA, PCI-DSS) require the use of automated backups to ensure data availability and protection.
Operational Resilience: Automated snapshots enable better operational resilience by automatically creating and retaining backups without requiring manual intervention.
Impact:
Pros:
Improved Data Protection: Provides an additional layer of protection for your Redshift data, ensuring it can be restored in the event of a failure.
Easy Recovery: Enables fast and reliable recovery of data from a known point in time.
Compliance: Meets regulatory requirements for data backup and disaster recovery.
No Manual Intervention: Automated snapshots do not require manual intervention and are created and retained based on your retention policy.
Cons:
Cost: Storing automated snapshots for extended periods may incur additional costs due to storage usage.
Storage Limits: There is a limit to how many snapshots can be kept, and exceeding the limit can cause older snapshots to be deleted.
Performance Impact: The snapshot process may slightly affect cluster performance, especially during heavy operations.
Default Value:
By default, Amazon Redshift does not enable automated snapshots for clusters that are created through the AWS Management Console. When you launch a cluster, automated snapshots need to be explicitly enabled.
Pre-requisite:
AWS IAM Permissions:
redshift:DescribeClusters
redshift:ModifyCluster
redshift:CreateCluster
redshift:EnableSnapshots
AWS CLI installed and configured.
Amazon Redshift Cluster that supports automated snapshots.
A Redshift snapshot schedule should be defined for the cluster.
Remediation:
Test Plan:
Using AWS Console:
Sign in to the AWS Management Console.
Navigate to Amazon Redshift under Services.
In the Redshift Dashboard, select the cluster you want to check.
Under the Cluster Properties, check if Automated Snapshots are enabled:
If Automated Snapshots is enabled, it will show the retention period (e.g., 7 days).
If Automated Snapshots is disabled, there will be no retention period or snapshots listed.
If snapshots are disabled, click Modify Cluster to enable them:
Under Backup, set the Snapshot Schedule and retention period.
Save the changes.
Using AWS CLI:
To check if automated snapshots are enabled for a Redshift cluster, run:
aws redshift describe-clusters --query 'Clusters[*].{ClusterId:ClusterIdentifier,AutomatedSnapshotRetentionPeriod:AutomatedSnapshotRetentionPeriod}'If the AutomatedSnapshotRetentionPeriod is set to 0, automated snapshots are disabled. To enable automated snapshots and set a retention period (e.g., 7 days), run:
aws redshift modify-cluster --cluster-identifier <cluster-id> --automated-snapshot-retention-period 7To verify the changes, run:
aws redshift describe-clusters --cluster-identifier <cluster-id> --query 'Clusters[*].{ClusterId:ClusterIdentifier,AutomatedSnapshotRetentionPeriod:AutomatedSnapshotRetentionPeriod}'Implementation Steps:
Using AWS Console:
Log in to the AWS Management Console and navigate to Amazon Redshift.
In the Redshift Dashboard, select the Redshift Cluster you want to configure.
Under Cluster Properties, check if Automated Snapshots are enabled. If not, click Modify.
In the Backup section, set the Automated Snapshot Retention Period (e.g., 7 days).
Save the changes to enable automated snapshots for the cluster.
Using AWS CLI:
To modify a Redshift cluster to enable automated snapshots, run:
aws redshift modify-cluster --cluster-identifier <cluster-id> --automated-snapshot-retention-period 7To verify that automated snapshots are enabled and check the retention period, run:
aws redshift describe-clusters --cluster-identifier <cluster-id> --query 'Clusters[*].{ClusterId:ClusterIdentifier,AutomatedSnapshotRetentionPeriod:AutomatedSnapshotRetentionPeriod}'Backout Plan:
If enabling automated snapshots causes issues such as excessive storage use or performance degradation:
Identify the affected Redshift cluster and review the snapshot settings.
If needed, disable automated snapshots by running:
aws redshift modify-cluster --cluster-identifier <cluster-id> --automated-snapshot-retention-period 0Verify that the automated snapshots have been disabled and that no snapshots are retained:
aws redshift describe-clusters --cluster-identifier <cluster-id> --query 'Clusters[*].{ClusterId:ClusterIdentifier,AutomatedSnapshotRetentionPeriod:AutomatedSnapshotRetentionPeriod}'
Monitor the cluster to ensure no further issues arise after disabling automated snapshots.
Note :
Snapshot Retention: Ensure that the snapshot retention period is set according to your organization's backup policy (e.g., 7 days or 30 days).
Snapshot Monitoring: Set up CloudWatch Alarms to monitor snapshot activity and alert if there are issues with the snapshot process.