EBS snapshot is shared with AWS accounts

Data at risk

EBS snapshot is shared with AWS accounts

Risk Level

Informational (4)

Platform(s)

Description

Amazon EBS (Elastic Block Storage) provide block level storage service designed to be used with EC2 instances. EBS snapshot is a point-in-time copy of the data stored in a EBS volume. It was detected that the EBS snapshot {AwsEc2EbsSnapshot} is shared with the following AWS accounts: [{AwsEc2EbsSnapshot.PermittedCloudAccounts}]. These accounts have the ability to copy the EBS snapshot and even create a volume from it. The volume can then be attached to an EC2 instance, from which the data stored in the EBS volume can be accessed.

Recommended Mitigation

It is recommended to ensure the EBS snapshot is shared only with trusted AWS accounts in order to prevent unauthorized users from copying and accessing the data stored in the snapshot. To edit the snapshot permissions, follow the instructions at: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html#share-unencrypted-snapshot

EBS snapshot is shared with AWS accounts

Description

Need help?