Data at risk

EBS snapshot is shared with unknown AWS accounts

Platform(s)
Compliance Frameworks
  • coppa
  • CPRA
  • Data Security Posture Management (DSPM) Best Practices
  • essential_8_au
  • essential_8_au_level_1
  • essential_8_au_level_2
  • Mitre ATT&CK
  • mpa
  • NIST 800-171
  • NIST 800-53
  • pipeda

Description

Amazon EBS (Elastic Block Store) provides a block-level storage service designed to be used with EC2 instances. An EBS snapshot is a point-in-time copy of the data stored in an EBS volume. It was detected that the EBS snapshot {AwsEc2EbsSnapshot} is shared with AWS accounts that are not in your organization. The AWS accounts are: [{AwsEc2EbsSnapshot.UnknownPermittedCloudAccounts}]. These accounts can copy the EBS snapshot and create a volume from it. The volume can then be attached to an EC2 instance, from which the data stored in the EBS volume can be accessed.
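
The check described above can be reproduced against the output of the EC2 DescribeSnapshotAttribute call. The following is an added example, not this product's own detection code; the account IDs, snapshot ID and function names are constructed for illustration, and the response dictionary mirrors the shape returned for the createVolumePermission attribute.

```python
# Added example: audit a snapshot's createVolumePermission entries against
# the accounts in your organization and build the request that revokes the rest.
# All IDs below are constructed sample values.

ORG_ACCOUNTS = {"111111111111", "222222222222"}  # assumption: your org's account IDs

# Constructed sample, shaped like DescribeSnapshotAttribute output
# (Attribute="createVolumePermission").
SAMPLE_RESPONSE = {
    "SnapshotId": "snap-0123456789abcdef0",
    "CreateVolumePermissions": [
        {"UserId": "111111111111"},   # in the organization
        {"UserId": "999999999999"},   # not in the organization
        {"Group": "all"},             # snapshot is public
    ],
}


def audit_snapshot_sharing(attr_response, org_accounts):
    """Return accounts outside org_accounts and whether the snapshot is public."""
    unknown, public = set(), False
    for perm in attr_response.get("CreateVolumePermissions", []):
        if perm.get("Group") == "all":
            public = True
        user = perm.get("UserId")
        if user and user not in org_accounts:
            unknown.add(user)
    return {
        "SnapshotId": attr_response["SnapshotId"],
        "Public": public,
        "UnknownAccounts": sorted(unknown),
    }


def removal_request(finding):
    """Build ModifySnapshotAttribute parameters that revoke the flagged shares."""
    if not finding["Public"] and not finding["UnknownAccounts"]:
        return None  # nothing to revoke
    request = {
        "SnapshotId": finding["SnapshotId"],
        "Attribute": "createVolumePermission",
        "OperationType": "remove",
    }
    if finding["UnknownAccounts"]:
        request["UserIds"] = finding["UnknownAccounts"]
    if finding["Public"]:
        request["GroupNames"] = ["all"]
    return request


if __name__ == "__main__":
    finding = audit_snapshot_sharing(SAMPLE_RESPONSE, ORG_ACCOUNTS)
    print(finding)
    print(removal_request(finding))
```

The dictionary returned by `removal_request` can be passed as keyword arguments to boto3's `modify_snapshot_attribute` once the finding has been reviewed.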