Configuring auditing using the console - Amazon Redshift

Configuring auditing using the console

You can configure Amazon Redshift to create audit log files and store them in S3.

Enabling audit logging using the console

Note

A new console is available for Amazon Redshift. Choose either the New console or the Original console instructions based on the console that you are using. The New console instructions are open by default.

To enable audit logging for a cluster

  1. Sign in to the AWS Management Console and open the Amazon Redshift console at https://console.aws.amazon.com/redshift/.

  2. On the navigation menu, choose CLUSTERS, then choose the cluster that you want to update.

  3. Choose the Properties tab. Then view the Audit logging in the Database configurations section.

  4. Choose Edit, then Edit audit logging.

  5. On the Edit audit logging page, choose to Enable audit logging and enter your choices regarding where the logs are stored.

  6. Choose Save changes to save your choices.

To enable audit logging for a cluster

  1. Sign in to the AWS Management Console and open the Amazon Redshift console at https://console.aws.amazon.com/redshift/.

  2. In the navigation pane, choose Clusters.

  3. In the list, choose the cluster for which you want to enable logging.

  4. In the cluster details page, choose Database, and then choose Configure Audit Logging.

  5. In the Configure Audit Logging dialog box, in the Enable Audit Logging box, choose Yes.

  6. For S3 Bucket, do one of the following:

    • If you already have an S3 bucket that you want to use, select Use Existing and then select the bucket from the Bucket list.

    • If you need a new S3 bucket, select Create New, and in the New Bucket Name box, type a name.

  7. (Optional) For S3 Key Prefix, enter a prefix to add to the S3 bucket.

  8. Choose Save.

After you configure audit logging, the Cluster details page updates to display information about the logging configuration.

On the Cluster details page, under Backup, Maintenance, and Logging, choose Go to the S3 console to navigate to the bucket.

Modifying the bucket for audit logging

  1. Sign in to the AWS Management Console and open the Amazon Redshift console at https://console.aws.amazon.com/redshift/.

  2. In the navigation pane, choose Clusters.

  3. In the list, choose the cluster for which you want to modify the bucket used for audit logging.

  4. In the cluster details page, choose Database, and then choose Configure Audit Logging.

  5. For S3 Bucket, select an existing bucket or create a new bucket.

  6. (Optional) For S3 Key Prefix, enter a prefix to add to the S3 bucket.

  7. Choose Save.

Disabling audit logging using the Console

  1. Sign in to the AWS Management Console and open the Amazon Redshift console at https://console.aws.amazon.com/redshift/.

  2. In the navigation pane, choose Clusters.

  3. In the list, choose the cluster for which you want to disable logging.

  4. In the cluster details page, choose Database, and then choose Configure Audit Logging.

  5. In the Configure Audit Logging dialog box, in the Enable Audit Logging box, choose No.

  6. Choose Save.