Ensure that your Redshift clusters are provisioned within the AWS EC2-VPC platform instead of the outdated EC2-Classic platform for better flexibility and control over cluster security, traffic routing, availability and more.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS.
Creating and managing Amazon Redshift clusters on the EC2-VPC platform instead of EC2-Classic brings multiple advantages: better networking infrastructure (network isolation, cluster subnet groups and Elastic IP addresses), much more flexible control over access security (network ACLs, VPC security group outbound traffic filtering) and, last but not least, access to newer and more powerful node types (DS2).
To determine the platform (EC2-Classic or EC2-VPC) used to launch your Amazon Redshift clusters, perform the following:
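One way to run this check against saved `aws redshift describe-clusters` output, as an added example that is not Cloud Conformity's own procedure: it treats a cluster with no `VpcId` value as EC2-Classic and lists the security groups that guard each cluster. The cluster names, IDs and the script name are constructed for illustration.

```python
import json
import sys

# Constructed sample shaped like `aws redshift describe-clusters --output json`.
# All identifiers below are made up for illustration.
SAMPLE = """
{"Clusters": [
  {"ClusterIdentifier": "analytics-vpc", "NodeType": "ds2.xlarge",
   "VpcId": "vpc-0a1b2c3d", "ClusterSubnetGroupName": "analytics-subnets",
   "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-11112222", "Status": "active"}],
   "ClusterSecurityGroups": []},
  {"ClusterIdentifier": "legacy-reports", "NodeType": "ds1.xlarge",
   "ClusterSecurityGroups": [{"ClusterSecurityGroupName": "default", "Status": "active"}],
   "VpcSecurityGroups": []},
  {"ClusterIdentifier": "legacy-etl", "NodeType": "dc1.large", "VpcId": "",
   "ClusterSecurityGroups": [{"ClusterSecurityGroupName": "etl", "Status": "active"}]}
]}
"""


def classify_cluster(cluster):
    """Return 'EC2-VPC' when the cluster reports a VpcId, else 'EC2-Classic'."""
    # VpcId is only populated for clusters launched in a VPC, so a missing,
    # null or empty value is treated as EC2-Classic.
    return "EC2-VPC" if cluster.get("VpcId") else "EC2-Classic"


def audit(describe_clusters_json):
    """Map each cluster to its platform and the security groups guarding it."""
    findings = []
    for c in json.loads(describe_clusters_json).get("Clusters", []):
        platform = classify_cluster(c)
        if platform == "EC2-VPC":
            groups = [g["VpcSecurityGroupId"] for g in c.get("VpcSecurityGroups", [])]
        else:
            groups = [g["ClusterSecurityGroupName"] for g in c.get("ClusterSecurityGroups", [])]
        findings.append({"cluster": c["ClusterIdentifier"], "platform": platform,
                         "node_type": c.get("NodeType") or "unknown",
                         "security_groups": groups})
    return findings


def non_compliant(findings):
    """Names of clusters that still need migrating to EC2-VPC."""
    return [f["cluster"] for f in findings if f["platform"] == "EC2-Classic"]


if __name__ == "__main__":
    # Real input: aws redshift describe-clusters --output json | python3 check.py -
    raw = sys.stdin.read() if sys.argv[1:] == ["-"] else SAMPLE
    for f in audit(raw):
        print(f"{f['cluster']:16} {f['platform']:12} {f['node_type']:12} {f['security_groups']}")
    print("needs migration:", non_compliant(audit(raw)))
```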
To migrate your Redshift clusters provisioned with the EC2-Classic platform to the EC2-VPC platform, you must relaunch the clusters within a VPC environment, unload the data from the EC2-Classic clusters to Amazon S3, then load the data into the newly created EC2-VPC clusters. To launch the new EC2-VPC Redshift clusters and move the existing data between platforms, perform the following: