AWSConfigRemediation-DisablePublicAccessToRedshiftCluster
Description
The AWSConfigRemediation-DisablePublicAccessToRedshiftCluster
runbook disables public accessibility for the Amazon Redshift cluster that you specify.
Document type
Automation
Owner
Amazon
Platforms
Databases
Parameters
-
AutomationAssumeRole
Type: String
Description: (Required) The Amazon Resource Name (ARN) of the Amazon Identity and Access Management (IAM) role that allows Systems Manager Automation to perform the actions on your behalf.
-
ClusterIdentifier
Type: String
Description: (Required) The unique identifier of the cluster that you want to disable public accessibility for.
Required IAM permissions
The AutomationAssumeRole
parameter requires the following actions to
use the runbook successfully.
-
ssm:StartAutomationExecution
-
ssm:GetAutomationExecution
-
redshift:DescribeClusters
-
redshift:ModifyCluster
Document Steps
-
aws:executeAwsApi
- Disables public accessibility for the cluster specified in theClusterIdentifier
parameter. -
aws:waitForAwsResourceProperty
- Waits for the state of the cluster to change toavailable
. -
aws:assertAwsResourceProperty
- Confirms the public accessibility setting is disabled on the cluster.