AWS config documentation change
Summary
Updated region exceptions and reordered/renamed security parameters (loggingEnabled/clusterDbEncrypted)
Security assessment
Parameter reordering emphasizes logging security feature first, but doesn't indicate vulnerability response.
Diff
diff --git a/config/latest/developerguide/redshift-cluster-configuration-check.md b/config/latest/developerguide/redshift-cluster-configuration-check.md index 3070283f6..b11e2b760 100644 --- a//config/latest/developerguide/redshift-cluster-configuration-check.md +++ b//config/latest/developerguide/redshift-cluster-configuration-check.md @@ -17 +17 @@ Checks if Amazon Redshift clusters have the specified settings. The rule is NON_ -**AWS Region:** All supported AWS regions except AWS Secret - West, Mexico (Central) Region +**AWS Region:** All supported AWS regions except Mexico (Central) Region @@ -21 +21 @@ Checks if Amazon Redshift clusters have the specified settings. The rule is NON_ -clusterDbEncrypted +loggingEnabled @@ -26 +26 @@ Default: true -Database encryption is enabled. +Audit logging is enabled @@ -28 +28 @@ Database encryption is enabled. -loggingEnabled +clusterDbEncrypted @@ -33 +33 @@ Default: true -Audit logging is enabled. +Database encryption is enabled @@ -40 +40 @@ Default: dc1.large -Specify node type. +Specify node type