Rule: EBS Snapshots Should Not Be Publicly Restorable

This rule ensures that EBS snapshots are not publicly restorable to maintain data security.

Rule: EBS snapshots should not be publicly restorable
Framework: FedRAMP Moderate Revision 4
Severity: Medium

Rule Description:

This rule is implemented to ensure the security and compliance of EBS (Elastic Block Store) snapshots in the context of the FedRAMP (Federal Risk and Authorization Management Program) Moderate environment, specifically in accordance with Revision 4 guidelines. The rule mandates that EBS snapshots should not be publicly restorable.

Reason for the Rule:

Publicly restorable EBS snapshots pose a significant security risk as they may expose sensitive data to unauthorized access. By disallowing the public restoration of EBS snapshots, the rule helps protect against data leakage and unauthorized tampering or access to snapshot content.

Troubleshooting Steps (if applicable):

If an EBS snapshot is found to be publicly restorable, follow the troubleshooting steps below to address the issue:

  1. Log in to the AWS Management Console using appropriate credentials.
  2. Navigate to the Amazon EC2 service.
  3. Select "Snapshots" from the left-hand menu.
  4. Find the publicly restorable EBS snapshot in question by checking the "Public" column.
  5. Select the snapshot by clicking on the checkbox next to it.
  6. Click on the "Modify Permissions" button at the top.
  7. In the "Modify snapshot permissions" dialog box, uncheck the option to make the snapshot publicly restorable.
  8. Click "Save" to apply the changes.

Note: If the publicly restorable option is grayed out, make sure you have the necessary permissions to modify snapshot permissions. Contact your system administrator or AWS account owner to request appropriate access.

Necessary Codes (if applicable):

There are no specific codes provided for this rule as the configuration change can be made through the AWS Management Console.

Remediation Steps:

Follow the step-by-step guide below to remediate the issue of publicly restorable EBS snapshots:

  1. Open the AWS Management Console in your preferred web browser.
  2. Log in to the console using appropriate credentials.
  3. Navigate to the Amazon EC2 service.
  4. On the left-hand menu, click on "Snapshots."
  5. Identify the EBS snapshot(s) that are publicly restorable by checking the "Public" column in the snapshot listing.
  6. Select the snapshot(s) by clicking on the checkbox next to each one.
  7. Click on the "Modify Permissions" button located at the top of the snapshot listing.
  8. In the "Modify snapshot permissions" dialog box, uncheck the option to make the snapshot publicly restorable.
  9. Verify that the changes are correct, and then click on the "Save" button to apply the modifications.
  10. Repeat the above steps for any other publicly restorable EBS snapshots found.
  11. Once all necessary changes are made, review the snapshot listing to ensure that no EBS snapshots are publicly restorable.

By following these steps, the EBS snapshots will no longer be publicly restorable, reducing the security risk associated with unauthorized access to sensitive data.
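The same identify, modify and verify sequence can be scripted against the EC2 API when there are many snapshots to check. This is an added example, not code from the original page: it assumes `ec2` is a boto3 EC2 client, and the function names, `FakeEC2`, the snapshot IDs and the account ID are constructed stand-ins so the block runs offline.

```python
def public_snapshot_ids(ec2):
    """IDs of snapshots this account owns that any AWS account can restore."""
    ids, kwargs = [], {"OwnerIds": ["self"], "RestorableByUserIds": ["all"]}
    while True:  # follow NextToken so large accounts are fully covered
        page = ec2.describe_snapshots(**kwargs)
        ids += [s["SnapshotId"] for s in page.get("Snapshots", [])]
        if not page.get("NextToken"):
            return ids
        kwargs["NextToken"] = page["NextToken"]


def make_private(ec2, dry_run=True):
    """Remove only the public ('all') grant; returns {snapshot_id: status}."""
    results = {}
    for snap_id in public_snapshot_ids(ec2):
        if dry_run:
            results[snap_id] = "would-fix"
            continue
        ec2.modify_snapshot_attribute(
            SnapshotId=snap_id, Attribute="createVolumePermission",
            OperationType="remove", GroupNames=["all"])
        # Re-read the permissions to confirm the change, as the final step does.
        attr = ec2.describe_snapshot_attribute(
            SnapshotId=snap_id, Attribute="createVolumePermission")
        grants = attr.get("CreateVolumePermissions", [])
        still_public = any(g.get("Group") == "all" for g in grants)
        results[snap_id] = "still-public" if still_public else "fixed"
    return results


class FakeEC2:
    """Constructed in-memory stand-in for boto3.client("ec2") (offline demo)."""
    def __init__(self, perms):
        self.perms = perms  # {snapshot_id: [createVolumePermission entries]}
    def describe_snapshots(self, **_filters):
        public = [s for s, p in self.perms.items() if {"Group": "all"} in p]
        return {"Snapshots": [{"SnapshotId": s} for s in public]}
    def describe_snapshot_attribute(self, SnapshotId, Attribute):
        return {"CreateVolumePermissions": self.perms[SnapshotId]}
    def modify_snapshot_attribute(self, SnapshotId, Attribute, OperationType, GroupNames):
        self.perms[SnapshotId] = [
            p for p in self.perms[SnapshotId] if p.get("Group") not in GroupNames]


if __name__ == "__main__":
    # Constructed sample data: one public snapshot, one shared with a single account.
    demo = FakeEC2({"snap-0aaa": [{"Group": "all"}],
                    "snap-0bbb": [{"UserId": "111122223333"}]})
    print(make_private(demo, dry_run=False))
```

Against a real account, pass `boto3.client("ec2")` instead of `FakeEC2` and run with `dry_run=True` first to review the list before anything is changed.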

Remember to implement appropriate access controls and permissions for EBS snapshots to ensure that only authorized users can restore or modify them as needed, following organizational policies and best practices.
