Data at risk

EBS snapshot is shared with unknown AWS accounts

Platform(s)
Compliance Frameworks

coppa, CPRA, Data Security Posture Management (DSPM) Best Practices, essential_8_au, essential_8_au_level_1, essential_8_au_level_2, Mitre ATT&CK, mpa, NIST 800-171, NIST 800-53, pipeda

Description

Amazon EBS (Elastic Block Store) provides a block-level storage service designed to be used with EC2 instances. An EBS snapshot is a point-in-time copy of the data stored in an EBS volume. It was detected that the EBS snapshot {AwsEc2EbsSnapshot} is shared with AWS accounts that are not in your organization. The AWS accounts are: [{AwsEc2EbsSnapshot.UnknownPermittedCloudAccounts}]. These accounts can copy the EBS snapshot and even create a volume from it. That volume can then be attached to an EC2 instance, from which the data stored in the EBS volume can be accessed.
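One way to reproduce this check yourself, as an added example that is not the product's own detection code: it takes the response shape of the EC2 DescribeSnapshotAttribute call for the createVolumePermission attribute and reports share targets outside a given set of organization account IDs, also flagging a public share (group "all"). The function names, the sample response, and the account IDs are constructed for illustration.

```python
"""Flag EBS snapshot shares that reach accounts outside the organization."""

# Constructed sample: shape of an EC2 DescribeSnapshotAttribute response
# for Attribute=createVolumePermission. All IDs are made up.
SAMPLE_RESPONSE = {
    "SnapshotId": "snap-0123456789abcdef0",
    "CreateVolumePermissions": [
        {"UserId": "111111111111"},  # account inside the organization
        {"UserId": "999999999999"},  # account outside the organization
        {"Group": "all"},            # public: any AWS account can use it
    ],
}

# Assumption: the organization's account IDs, for example gathered from
# AWS Organizations ListAccounts. Constructed values.
ORG_ACCOUNTS = {"111111111111", "222222222222"}


def unknown_share_targets(response, org_accounts):
    """Return (sorted unknown account IDs, is_public) for one snapshot."""
    unknown, public = set(), False
    for perm in response.get("CreateVolumePermissions", []):
        if perm.get("Group") == "all":
            public = True
        user_id = perm.get("UserId")
        if user_id and user_id not in org_accounts:
            unknown.add(user_id)
    return sorted(unknown), public


def finding(response, org_accounts):
    """Build a finding dict, or None when every share stays in the org."""
    unknown, public = unknown_share_targets(response, org_accounts)
    if not unknown and not public:
        return None
    return {
        "snapshot": response["SnapshotId"],
        "unknown_accounts": unknown,
        "public": public,
    }


if __name__ == "__main__":
    print(finding(SAMPLE_RESPONSE, ORG_ACCOUNTS))
```

Against a live account, the same dictionary comes back from boto3's `describe_snapshot_attribute(SnapshotId=..., Attribute="createVolumePermission")`.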