steampipe plugin install awssteampipe plugin install aws
aws_accessanalyzer_analyzeraws_accountaws_acm_certificateaws_api_gateway_api_authorizeraws_api_gateway_api_keyaws_api_gateway_authorizeraws_api_gateway_rest_apiaws_api_gateway_stageaws_api_gateway_usage_planaws_api_gatewayv2_apiaws_api_gatewayv2_domain_nameaws_api_gatewayv2_integrationaws_api_gatewayv2_stageaws_appautoscaling_targetaws_auditmanager_assessmentaws_auditmanager_controlaws_auditmanager_evidenceaws_auditmanager_evidence_folderaws_auditmanager_frameworkaws_availability_zoneaws_backup_planaws_backup_protected_resourceaws_backup_recovery_pointaws_backup_selectionaws_backup_vaultaws_cloudcontrol_resourceaws_cloudformation_stackaws_cloudfront_cache_policyaws_cloudfront_distributionaws_cloudfront_origin_access_identityaws_cloudfront_origin_request_policyaws_cloudtrail_trailaws_cloudtrail_trail_eventaws_cloudwatch_alarmaws_cloudwatch_log_eventaws_cloudwatch_log_groupaws_cloudwatch_log_metric_filteraws_cloudwatch_log_resource_policyaws_cloudwatch_log_streamaws_codebuild_projectaws_codebuild_source_credentialaws_codecommit_repositoryaws_codepipeline_pipelineaws_config_configuration_recorderaws_config_conformance_packaws_config_ruleaws_cost_by_account_dailyaws_cost_by_account_monthlyaws_cost_by_service_dailyaws_cost_by_service_monthlyaws_cost_by_service_usage_type_dailyaws_cost_by_service_usage_type_monthlyaws_cost_forecast_dailyaws_cost_forecast_monthlyaws_cost_usageaws_dax_clusteraws_directory_service_directoryaws_dms_replication_instanceaws_dynamodb_backupaws_dynamodb_global_tableaws_dynamodb_metric_account_provisioned_read_capacity_utilaws_dynamodb_metric_account_provisioned_write_capacity_utilaws_dynamodb_tableaws_ebs_snapshotaws_ebs_volumeaws_ebs_volume_metric_read_opsaws_ebs_volume_metric_read_ops_dailyaws_ebs_volume_metric_read_ops_hourlyaws_ebs_volume_metric_write_opsaws_ebs_volume_metric_write_ops_dailyaws_ebs_volume_metric_write_ops_hourlyaws_ec2_amiaws_ec2_ami_sharedaws_ec2_application_load_balanceraws_ec2_application_load_balancer_metric_request_countaws_ec2_application_load_balancer_metric_request_count_dailyaws_ec2_autoscaling_groupaws_ec2_capacity_reservationaws_ec2_classic_load_balanceraws_ec2_gateway_load_balanceraws_ec2_instanceaws_ec2_instance_availabilityaws_ec2_instance_metric_cpu_utilizationaws_ec2_instance_metric_cpu_utilization_dailyaws_ec2_instance_metric_cpu_utilization_hourlyaws_ec2_instance_typeaws_ec2_key_pairaws_ec2_launch_configurationaws_ec2_load_balancer_listeneraws_ec2_network_interfaceaws_ec2_network_load_balanceraws_ec2_network_load_balancer_metric_net_flow_countaws_ec2_network_load_balancer_metric_net_flow_count_dailyaws_ec2_regional_settingsaws_ec2_reserved_instanceaws_ec2_ssl_policyaws_ec2_target_groupaws_ec2_transit_gatewayaws_ec2_transit_gateway_routeaws_ec2_transit_gateway_route_tableaws_ec2_transit_gateway_vpc_attachmentaws_ecr_repositoryaws_ecrpublic_repositoryaws_ecs_clusteraws_ecs_cluster_metric_cpu_utilizationaws_ecs_cluster_metric_cpu_utilization_dailyaws_ecs_cluster_metric_cpu_utilization_hourlyaws_ecs_container_instanceaws_ecs_serviceaws_ecs_taskaws_ecs_task_definitionaws_efs_access_pointaws_efs_file_systemaws_efs_mount_targetaws_eks_addonaws_eks_addon_versionaws_eks_clusteraws_eks_identity_provider_configaws_elastic_beanstalk_applicationaws_elastic_beanstalk_environmentaws_elasticache_clusteraws_elasticache_parameter_groupaws_elasticache_redis_metric_cache_hits_hourlyaws_elasticache_redis_metric_curr_connections_hourlyaws_elasticache_redis_metric_engine_cpu_utilization_hourlyaws_elasticache_redis_metric_get_type_cmds_hourlyaws_elasticache_redis_metric_list_based_cmds_hourlyaws_elasticache_redis_metric_new_connections_hourlyaws_elasticache_replication_groupaws_elasticache_subnet_groupaws_elasticsearch_domainaws_emr_clusteraws_emr_cluster_metric_is_idleaws_emr_instance_groupaws_eventbridge_busaws_eventbridge_ruleaws_fsx_file_systemaws_glacier_vaultaws_glue_catalog_databaseaws_guardduty_detectoraws_guardduty_findingaws_guardduty_ipsetaws_guardduty_threat_intel_setaws_iam_access_advisoraws_iam_access_keyaws_iam_account_password_policyaws_iam_account_summaryaws_iam_actionaws_iam_credential_reportaws_iam_groupaws_iam_policyaws_iam_policy_simulatoraws_iam_roleaws_iam_server_certificateaws_iam_useraws_iam_virtual_mfa_deviceaws_identitystore_groupaws_identitystore_useraws_inspector_assessment_targetaws_inspector_assessment_templateaws_kinesis_consumeraws_kinesis_firehose_delivery_streamaws_kinesis_streamaws_kinesis_video_streamaws_kinesisanalyticsv2_applicationaws_kms_keyaws_lambda_aliasaws_lambda_functionaws_lambda_function_metric_duration_dailyaws_lambda_function_metric_errors_dailyaws_lambda_function_metric_invocations_dailyaws_lambda_layeraws_lambda_layer_versionaws_lambda_versionaws_macie2_classification_jobaws_media_store_containeraws_organizations_accountaws_rds_db_clusteraws_rds_db_cluster_parameter_groupaws_rds_db_cluster_snapshotaws_rds_db_event_subscriptionaws_rds_db_instanceaws_rds_db_instance_metric_connectionsaws_rds_db_instance_metric_connections_dailyaws_rds_db_instance_metric_connections_hourlyaws_rds_db_instance_metric_cpu_utilizationaws_rds_db_instance_metric_cpu_utilization_dailyaws_rds_db_instance_metric_cpu_utilization_hourlyaws_rds_db_instance_metric_read_iopsaws_rds_db_instance_metric_read_iops_dailyaws_rds_db_instance_metric_read_iops_hourlyaws_rds_db_instance_metric_write_iopsaws_rds_db_instance_metric_write_iops_dailyaws_rds_db_instance_metric_write_iops_hourlyaws_rds_db_option_groupaws_rds_db_parameter_groupaws_rds_db_snapshotaws_rds_db_subnet_groupaws_redshift_clusteraws_redshift_cluster_metric_cpu_utilization_dailyaws_redshift_event_subscriptionaws_redshift_parameter_groupaws_redshift_snapshotaws_redshift_subnet_groupaws_regionaws_route53_domainaws_route53_recordaws_route53_resolver_endpointaws_route53_resolver_ruleaws_route53_zoneaws_s3_access_pointaws_s3_account_settingsaws_s3_bucketaws_sagemaker_endpoint_configurationaws_sagemaker_modelaws_sagemaker_notebook_instanceaws_sagemaker_training_jobaws_secretsmanager_secretaws_securityhub_hubaws_securityhub_productaws_securityhub_standards_subscriptionaws_serverlessapplicationrepository_applicationaws_sfn_state_machineaws_sfn_state_machine_executionaws_sfn_state_machine_execution_historyaws_sns_topicaws_sns_topic_subscriptionaws_sqs_queueaws_ssm_associationaws_ssm_documentaws_ssm_maintenance_windowaws_ssm_managed_instanceaws_ssm_managed_instance_complianceaws_ssm_parameteraws_ssm_patch_baselineaws_ssoadmin_instanceaws_ssoadmin_managed_policy_attachmentaws_ssoadmin_permission_setaws_tagging_resourceaws_vpcaws_vpc_customer_gatewayaws_vpc_dhcp_optionsaws_vpc_egress_only_internet_gatewayaws_vpc_eipaws_vpc_endpointaws_vpc_endpoint_serviceaws_vpc_flow_logaws_vpc_flow_log_eventaws_vpc_internet_gatewayaws_vpc_nat_gatewayaws_vpc_network_aclaws_vpc_routeaws_vpc_route_tableaws_vpc_security_groupaws_vpc_security_group_ruleaws_vpc_subnetaws_vpc_vpn_connectionaws_vpc_vpn_gatewayaws_waf_rate_based_ruleaws_waf_ruleaws_wafv2_ip_setaws_wafv2_regex_pattern_setaws_wafv2_rule_groupaws_wafv2_web_aclaws_wellarchitected_workloadaws_workspaces_workspace

Table: aws_redshift_cluster

A cluster is a fully managed data warehouse that consists of a set of compute nodes.

Examples

Basic info

select
cluster_identifier,
arn,
node_type,
region
from
aws_redshift_cluster;

List clusters that are publicly accessible

select
cluster_identifier,
node_type,
number_of_nodes,
publicly_accessible
from
aws_redshift_cluster
where
publicly_accessible;

List clusters that are not in a VPC

select
cluster_identifier,
node_type,
number_of_nodes,
vpc_id
from
aws_redshift_cluster
where
vpc_id is null;

List clusters whose storage is not encrypted

select
cluster_identifier,
node_type,
number_of_nodes,
encrypted
from
aws_redshift_cluster
where
not encrypted;

Get logging status for each cluster

select
cluster_identifier,
logging_status -> 'LoggingEnabled' as LoggingEnabled
from
aws_redshift_cluster

Control examples

.inspect aws_redshift_cluster

AWS Redshift Cluster

NameTypeDescription
account_idtextThe AWS Account ID in which the resource is located.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
allow_version_upgradebooleanA boolean value that, if true, indicates that major version upgrades will be applied automatically to the cluster during the maintenance window.
arntextThe Amazon Resource Name (ARN) specifying the cluster.
automated_snapshot_retention_periodbigintThe number of days that automatic cluster snapshots are retained.
availability_zonetextThe name of the Availability Zone in which the cluster is located.
availability_zone_relocation_statustextDescribes the status of the Availability Zone relocation operation.
cluster_availability_statustextThe availability status of the cluster for queries.
cluster_create_timetimestamp without time zoneThe date and time that the cluster was created.
cluster_identifiertextThe unique identifier of the cluster.
cluster_namespace_arntextThe namespace Amazon Resource Name (ARN) of the cluster.
cluster_nodesjsonbThe nodes in the cluster.
cluster_parameter_groupsjsonbThe list of cluster parameter groups that are associated with this cluster. Each parameter group in the list is returned with its status.
cluster_public_keytextThe public key for the cluster.
cluster_revision_numbertextThe specific revision number of the database in the cluster.
cluster_security_groupsjsonbA list of cluster security group that are associated with the cluster. Each security group is represented by an element that contains ClusterSecurityGroup.Name and ClusterSecurityGroup.Status subelements. Cluster security groups are used when the cluster is not created in an Amazon Virtual Private Cloud (VPC). Clusters that are created in a VPC use VPC security groups, which are listed by the VpcSecurityGroups parameter.
cluster_snapshot_copy_statusjsonbA value that returns the destination region and retention period that are configured for cross-region snapshot copy.
cluster_statustextThe current state of the cluster.
cluster_subnet_group_nametextThe name of the subnet group that is associated with the cluster. This parameter is valid only when the cluster is in a VPC.
cluster_versiontextThe version ID of the Amazon Redshift engine that is running on the cluster.
data_transfer_progressjsonbDescribes the status of a cluster while it is in the process of resizing with an incremental resize.
db_nametextThe name of the initial database that was created when the cluster was created. This same name is returned for the life of the cluster. If an initial database was not specified, a database named devdev was created by default.
deferred_maintenance_windowsjsonbDescribes a group of DeferredMaintenanceWindow objects.
elastic_ip_statusjsonbThe status of the elastic IP (EIP) address.
elastic_resize_number_of_node_optionstextThe number of nodes that you can resize the cluster to with the elastic resize method.
encryptedbooleanA boolean value that, if true, indicates that data in the cluster is encrypted at rest.
endpointjsonbThe connection endpoint.
enhanced_vpc_routingbooleanAn option that specifies whether to create the cluster with enhanced VPC routing enabled. To create a cluster that uses enhanced VPC routing, the cluster must be in a VPC. If this option is true, enhanced VPC routing is enabled.
expected_next_snapshot_schedule_timetimestamp without time zoneThe date and time when the next snapshot is expected to be taken for clusters with a valid snapshot schedule and backups enabled.
expected_next_snapshot_schedule_time_statustextThe status of next expected snapshot for clusters having a valid snapshot schedule and backups enabled.
hsm_statusjsonbA value that reports whether the Amazon Redshift cluster has finished applying any hardware security module (HSM) settings changes specified in a modify cluster command.
iam_rolesjsonbA list of AWS Identity and Access Management (IAM) roles that can be used by the cluster to access other AWS services.
kms_key_idtextThe AWS Key Management Service (AWS KMS) key ID of the encryption key used to encrypt data in the cluster.
logging_statusjsonbDescribes the status of logging for a cluster.
maintenance_track_nametextThe name of the maintenance track for the cluster.
manual_snapshot_retention_periodbigintThe default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots. The value must be either -1 or an integer between 1 and 3,653.
master_usernametextThe master user name for the cluster. This name is used to connect to the database that is specified in the DBName parameter.
modify_statustextThe status of a modify operation, if any, initiated for the cluster.
next_maintenance_window_start_timetimestamp without time zoneThe date and time in UTC when system maintenance can begin.
node_typetextThe node type for the nodes in the cluster.
number_of_nodesbigintThe number of compute nodes in the cluster.
partitiontextThe AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
pending_actionsjsonbCluster operations that are waiting to be started.
pending_modified_valuesjsonbA value that, if present, indicates that changes to the cluster are pending. Specific pending changes are identified by subelements.
preferred_maintenance_windowtextThe weekly time range, in Universal Coordinated Time (UTC), during which system maintenance can occur.
publicly_accessiblebooleanA boolean value that, if true, indicates that the cluster can be accessed from a public network.
regiontextThe AWS Region in which the resource is located.
resize_infojsonbDescribes a resize operation.
restore_statusjsonbA value that describes the status of a cluster restore action. This parameter returns null if the cluster was not created by restoring a snapshot.
scheduled_actionsjsonbA list of scheduled actions for specified cluster.
snapshot_schedule_identifiertextA unique identifier for the cluster snapshot schedule.
snapshot_schedule_statetextThe current state of the cluster snapshot schedule.
tagsjsonbA map of tags for the resource.
tags_srcjsonbThe list of tags for the cluster.
titletextTitle of the resource.
vpc_idtextThe identifier of the VPC the cluster is in, if the cluster is in a VPC.
vpc_security_groupsjsonbA list of Amazon Virtual Private Cloud (Amazon VPC) security groups that are associated with the cluster. This parameter is returned only if the cluster is in a VPC.