How to connect with SSL to Amazon Redshift Serverless

0

I would like to allow only SSL connections and disable non-SSL. Is it possible to do such configuration to Redshift Serverless?

[What I have researched so far]

I found in this document:

https://docs.aws.amazon.com/redshift/latest/mgmt/serverless-connecting.html

"Amazon Redshift supports Secure Sockets Layer (SSL) connections to encrypt queries and data. To set up a secure connection, you can use the same configuration you use to set up a connection to a provisioned Redshift cluster. Follow the steps in Configuring security options for connections"

When I access to:

https://docs.aws.amazon.com/redshift/latest/mgmt/connecting-ssl-support.html

I found this:

"By default, cluster databases accept a connection whether it uses SSL or not. To configure your cluster to require an SSL connection, set the require_SSL parameter to true in the parameter group that is associated with the cluster."

I think that I have to create a parameter group:

https://docs.aws.amazon.com/redshift/latest/mgmt/managing-parameter-groups-console.html

However:

"When you launch a cluster, you must associate it with a parameter group. If you want to change the parameter group later, you can modify the cluster and choose a different parameter group."

There is no option for Redshift Serverless!

And in this docs:

https://docs.aws.amazon.com/redshift/latest/mgmt/serverless-console-comparison.html

"Parameter groups - Provisioned clusters support parameter groups. Amazon Redshift Serverless does not have the concept of a parameter group. For more information about parameter groups for a provisioned cluster, see Amazon Redshift parameter groups."

=> I would like to allow only SSL connections and disable non-SSL. Is it possible to do such configuration to Redshift Serverless? If possible, I would appreciate it if you could tell me how to set it up.

asked 2 years ago1693 views
1 Answer
0

Your understanding is corrrect. As there is no concept of parameter groups in serverless, you do not have an option to toggle "require_ssl" to true. By default, cluster databases accept a connection whether it uses SSL or not. Therefore in case of serverless endpoints, you can still set up an SSL connection from the client to the cluster endpoint but there is no way to enforce it on the cluster side. For more information and options for configuring the security options for connections please see
[+] https://docs.aws.amazon.com/redshift/latest/mgmt/connecting-ssl-support.html#connect-using-ssl

AWS
SUPPORT ENGINEER
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions