Avoid Default Admin Username in Redshift Clusters
Ensures Amazon Redshift clusters do not use the default 'awsuser' as the admin username to prevent easy unauthorized access.
| Rule | Amazon Redshift clusters should not use the default Admin username |
| Framework | AWS Foundational Security Best Practices |
| Severity | ✔ Medium |
Rule Description
By default, Amazon Redshift clusters use the "admin" username, which can pose a security risk due to its predictability. For AWS Foundational Security Best Practices, it is recommended to change the default Admin username to enhance the security of the Redshift clusters.
Troubleshooting Steps
If the default Admin username is still being used, it is recommended to change it to a custom username to mitigate potential security vulnerabilities.
Remediation Steps
- 1.
Create a new user: Create a new user with administrative privileges to replace the default "admin" username.
- 2.
Modify Redshift Cluster:
Connect to your Redshift cluster using the appropriate client.
Run the following SQL command to change the owner of the database objects:
ALTER DATABASE mydb OWNER TO new_user;
- 3.
Update permissions: Ensure that the new user has the necessary permissions to manage the Redshift cluster.
- 4.
Update connection settings: Update any scripts, applications, or tools that connect to the Redshift cluster with the new username.
- 5.
Test the new user: Validate that the new user can perform administrative tasks on the Redshift cluster successfully.
CLI Command
If you prefer using the AWS Command Line Interface (CLI) to make these changes, you can use the following command to modify the default Admin username:
aws redshift modify-cluster --cluster-identifier my-cluster --master-username new_username
Ensure to replace
my-clusternew_usernameBy following these steps and changing the default Admin username on your Amazon Redshift clusters, you can adhere to the AWS Foundational Security Best Practices and enhance the overall security of your environment.