Query: AWS Redshift clusters should be encrypted with KMS

Description

Ensure that AWS Redshift clusters are using a specified AWS Key Management Service (AWS KMS) key for encryption. The rule is compliant if encryption is enabled and the cluster is encrypted with the key provided in the kmsKeyArn parameter. The rule is non-compliant if the cluster is not encrypted or encrypted with another key.

Query

Tables used in this query:

• aws_redshift_cluster

Controls using this query:

• 10 Redshift clusters should be encrypted at rest
• AWS Redshift clusters should be encrypted with KMS

SQL