Ensure Redshift clusters have AWS Backup's backup plan

Error: Redshift clusters do not have AWS Backup's backup plan

Bridgecrew Policy ID: BC_AWS_GENERAL_47
Checkov Check ID: CKV2_AWS_13
Severity: LOW

Redshift clusters do not have AWS Backup's backup plan

Description

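This check passes when a Redshift cluster is listed in the resources of an aws_backup_selection that is attached to an aws_backup_plan. A cluster that no backup selection covers has no AWS Backup recovery points to restore from after accidental deletion or data corruption.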

Fix - Buildtime

Terraform

  • Resource: aws_redshift_cluster, aws_backup_plan, aws_backup_selection
  • Argument: resources and plan_id (for aws_backup_selection)
# Redshift cluster that the check evaluates. It passes because its ARN is
# listed in the `resources` of aws_backup_selection.backup_good.
resource "aws_redshift_cluster" "redshift_good" {
  cluster_identifier = "tf-redshift-cluster"
  database_name      = "mydb"
  master_username    = "foo"
  # NOTE(review): example placeholder only. A literal password in the
  # configuration is readable in version control and in Terraform state;
  # supply the real value from a sensitive variable or a secrets store.
  master_password    = "Mustbe8characters"
  node_type          = "dc1.large"
  cluster_type       = "single-node"
}


# AWS Backup plan referenced by aws_backup_selection.backup_good through plan_id.
resource "aws_backup_plan" "example" {
  name = "tf_example_backup_plan"

  rule {
    rule_name         = "tf_example_backup_rule"
    # Placeholder vault name; presumably the vault must already exist or be
    # defined elsewhere (no aws_backup_vault resource is shown here).
    target_vault_name = "vault-name"
    # Runs once a day at 12:00 (AWS Backup cron schedules are UTC by default).
    schedule          = "cron(0 12 * * ? *)"
    # NOTE(review): no lifecycle block is set, so this rule defines no
    # retention or cold-storage transition; confirm the retention you need.
  }
}

# Backup selection that ties the Redshift cluster to the backup plan; this
# cluster-to-selection-to-plan link is what makes the example compliant.
resource "aws_backup_selection" "backup_good" {
  # Placeholder showing only the generic ARN layout; replace it with the ARN
  # of the IAM role that AWS Backup assumes to back up the selected resources.
  iam_role_arn = "arn:partition:service:region:account-id:resource-id"
  name         = "tf_example_backup_selection"
  # Attaches this selection to the plan defined in aws_backup_plan.example.
  plan_id      = aws_backup_plan.example.id

  # Resources covered by the plan; the cluster must appear here by ARN.
  resources = [
    aws_redshift_cluster.redshift_good.arn
  ]
}
