Back to All Checks
Critical EC2 Regional

EBS snapshots should not be publicly restorable

PCI DSSNISTHIPAA

Description

Checks whether Amazon EBS snapshots are publicly restorable.

Remediation

To comply with this control, ensure that Amazon EBS snapshots are not publicly restorable. Modify the permissions of any public snapshots to restrict access.

Steps

  1. Sign in to the AWS Management Console and open the EC2 console at https://console.aws.amazon.com/ec2/.
  2. In the EC2 console, click on 'Snapshots' in the left navigation pane.
  3. Select the snapshot you want to modify.
  4. Under the 'Permissions' tab, check if the snapshot is public.
  5. If the snapshot is public, click on 'Edit' next to 'Public access'.
  6. Change the access to 'Private' or specify the AWS accounts that are allowed to access the snapshot.
  7. Click on 'Save' to apply the changes.

Compliance

PCI DSSNISTHIPAA
Start Your Free Security Check