Skip to main content

lacework-global-160

Ensure No Public EBS Snapshots

Description

You can back up the data on your Amazon EBS volumes to Amazon S3 by taking point-in-time snapshots. These snapshots can be private, shared with other AWS accounts, or open to the public.

Remediation

  1. Log in to the AWS Management Console and select 'EC2' from services.

  2. Choose Snapshots under Elastic Block Store in the navigation pane.

  3. Select the applicable snapshot.

  4. Click 'Modify permissions' on the permissions tab in the bottom pane.

  5. Select private on the pop-up modal.

  6. Click save.

  7. Follow-up by inspecting data on the volume associated with the snapshot.

  8. Any credentials on the snapshot should be rotated.