EBS snapshot is shared with unknown AWS accounts

Data at risk

EBS snapshot is shared with unknown AWS accounts

Platform(s)

Compliance Frameworks

coppa
CPRA
Data Security Posture Management (DSPM) Best Practices
essential_8_au
essential_8_au_level_1
essential_8_au_level_2
Mitre ATT&CK
mpa
NIST 800-171
NIST 800-53
pipeda

Description

Amazon EBS (Elastic Block Storage) provide block level storage service designed to be used with EC2 instances. EBS snapshot is a point-in-time copy of the data stored in a EBS volume. It was detected that the EBS snapshot {AwsEc2EbsSnapshot} is shared with AWS accounts that are not in your organization. The AWS accounts are: [{AwsEc2EbsSnapshot.UnknownPermittedCloudAccounts}]. These accounts have the ability to copy the EBS snapshot and even create a volume from it. The volume can then be attached to an EC2 instance, from which the data stored in the EBS volume can be accessed.

EBS snapshot is shared with unknown AWS accounts

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS