AWS Amazon Redshift Security Group

This page shows how to write Terraform and CloudFormation for Amazon Redshift Security Group and write them securely.

aws_redshift_security_group (Terraform)

The Security Group in Amazon Redshift can be configured in Terraform with the resource name aws_redshift_security_group. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub

main.tf#L47
resource "aws_redshift_security_group" "aws_redshift_security_group_public" {
  name = "redshift-sg"

  ingress {
    cidr = "0.0.0.0"
  }
main.tf#L47
resource "aws_redshift_security_group" "aws_redshift_security_group_public" {
  name = "redshift-sg"

  ingress {
    cidr = "0.0.0.0"
  }
main.tf#L7
resource "aws_redshift_security_group" "this" {
  description = var.description
  name        = var.name

  dynamic "ingress" {
    for_each = var.ingress
aws_redshift_security_group.tf#L1
resource "aws_redshift_security_group" "default" {
  name = "redshift-sg"

  ingress {
    cidr = "10.0.0.0/24"
  }
aws_redshift_security_group_allowed.tf#L1
resource "aws_redshift_security_group" "allowed" {
  name = "redshift-sg"
  ingress {
    cidr = "1.0.0.0/0"
  }
}

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

Explanation in Terraform Registry

Creates a new Amazon Redshift security group. You use security groups to control access to non-VPC clusters

AWS::Redshift::ClusterSecurityGroup (CloudFormation)

The ClusterSecurityGroup in Redshift can be configured in CloudFormation with the resource name AWS::Redshift::ClusterSecurityGroup. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

product.template-sa-east-1.yaml#L9
    Type: AWS::Redshift::ClusterSecurityGroup
    Description: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-clustersecuritygroup.html
    Properties:
      Description: !Ref 'Description'
product.template-eu-west-3.yaml#L9
    Type: AWS::Redshift::ClusterSecurityGroup
    Description: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-clustersecuritygroup.html
    Properties:
      Description: !Ref 'Description'
product.template-ap-southeast-2.yaml#L9
    Type: AWS::Redshift::ClusterSecurityGroup
    Description: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-clustersecuritygroup.html
    Properties:
      Description: !Ref 'Description'
product.template-eu-west-2.yaml#L9
    Type: AWS::Redshift::ClusterSecurityGroup
    Description: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-clustersecuritygroup.html
    Properties:
      Description: !Ref 'Description'
product.template-ap-south-1.yaml#L9
    Type: AWS::Redshift::ClusterSecurityGroup
    Description: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-clustersecuritygroup.html
    Properties:
      Description: !Ref 'Description'
AWS_Redshift_ClusterSecurityGroup.json#L9
    "resourceType": "AWS::Redshift::ClusterSecurityGroup",
    "resourceId": "default",
    "resourceName": "default",
    "awsRegion": "us-west-2",
    "availabilityZone": "Not Applicable",
    "tags": {
AWS_Redshift_ClusterSecurityGroup.json#L9
    "resourceType": "AWS::Redshift::ClusterSecurityGroup",
    "resourceId": "default",
    "resourceName": "default",
    "awsRegion": "us-west-2",
    "availabilityZone": "Not Applicable",
    "tags": {
cloud-formation-local-postgres.json#L7
      "Type": "AWS::Redshift::ClusterSecurityGroup",
      "Properties": {
        "Description" : "Security group to determine where connections to the Amazon Redshift cluster can come from"
      }
    },
    "redshiftSecurityGroupIngress" : {
RedshiftClusterSecurityGroupSpecification.json#L4
    "AWS::Redshift::ClusterSecurityGroup": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-clustersecuritygroup.html",
      "Properties": {
        "Description": {
          "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-clustersecuritygroup.html#cfn-redshift-clustersecuritygroup-description",
          "PrimitiveType": "String",
RedshiftClusterSecurityGroupSpecification.json#L4
    "AWS::Redshift::ClusterSecurityGroup": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-clustersecuritygroup.html",
      "Properties": {
        "Description": {
          "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-clustersecuritygroup.html#cfn-redshift-clustersecuritygroup-description",
          "PrimitiveType": "String",

Parameters

Explanation in CloudFormation Registry

Specifies a new Amazon Redshift security group. You use security groups to control access to non-VPC clusters.

For information about managing security groups, go to Amazon Redshift Cluster Security Groups in the Amazon Redshift Cluster Management Guide.

Frequently asked questions

What is AWS Amazon Redshift Security Group?

AWS Amazon Redshift Security Group is a resource for Amazon Redshift of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS Amazon Redshift Security Group?

For Terraform, the SnidermanIndustries/checkov-fork, melscoop-test/check and niveklabs/aws source code examples are useful. See the Terraform Example section for further details.

For CloudFormation, the awslabs/aws-service-catalog-products, awslabs/aws-service-catalog-products and awslabs/aws-service-catalog-products source code examples are useful. See the CloudFormation Example section for further details.