Ensure that deferred maintenance is enabled for all your Amazon Redshift clusters in order to keep your data warehouse running without interruption during critical business periods. Amazon Redshift gives you the option to defer maintenance for your clusters by up to 14 days.
This rule can help you with the following compliance standards:
- NIST4
For further details on compliance standards supported by Conformity, see here.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
If your organization runs mission critical workloads on Amazon Redshift, during high business activity period, you might want to defer the scheduled maintenance to a less busy interval. With the Deferred Maintenance feature you can postpone scheduled maintenance up to 14 days. During this time, Amazon Redshift does not apply any software updates.
Note: The deferred maintenance period is overridden if a mandatory hardware replacement is scheduled on your Amazon Redshift cluster. In this case you will get an event notification via AWS Management Console and the SNS subscription available.
Audit
To determine if the Deferred Maintenance feature is enabled for your Amazon Redshift clusters, perform the following operations:
Remediation / Resolution
To reconfigure your existing Amazon Redshift clusters in order to enable deferred maintenance, perform the following operations:
References
- AWS Documentation
- Amazon Redshift FAQs
- Amazon Redshift Clusters
- Managing Clusters Using the Console
- AWS Command Line Interface (CLI) Documentation
- redshift
- describe-clusters
- modify-cluster-maintenance
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Deferred Maintenance
Risk Level: Medium