Medium

Ensure Redshift clusters nodes has not reached the limit quota established by your organization

Security & Compliance
Description

Make sure that the number of Amazon Redshift cluster nodes provisioned in your AWS account adheres to your organization's established limit quota to avoid exceeding the maximum capacity allowed for the workload deployed. For instance, the US East (N. Virginia) region currently allows up to 200 nodes across all database instances in an account, but this limit can be adjusted. If the current number of Redshift cluster nodes approaches the defined limit, you can request an increase by submitting the Amazon Redshift Limit Increase Form. For additional information visit the Quotas and limits in Amazon Redshift page

Remediation

To ensure Redshift clusters nodes have not reached the limit quota established by your organization, follow these remediation steps:

  1. Identify the current number of Redshift cluster nodes provisioned in your AWS account. This can be done by checking the Amazon Redshift console or by using AWS CLI or API.
  2. Verify the Redshift limit quota defined for your AWS account by reviewing the AWS Service Quotas page.
  3. If the current number of Redshift cluster nodes is approaching the limit quota or has already reached the limit quota, you will need to request a limit increase by submitting an Amazon Redshift Limit Increase Form.
  4. Fill out the form with the required information, including your account ID, the region where you want to increase the limit, and the new limit value.
  5. Submit the form and wait for a response from AWS. You will receive an email notification once your request has been processed.
  6. Once the request has been approved, you can provision additional Redshift cluster nodes in your account up to the new limit quota.
  7. Monitor the number of Redshift cluster nodes in your account periodically to ensure that they are within the new limit quota
Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.