Ensure that EBS snapshots are not publicly restorable for security compliance.
Rule | EBS snapshots should not be publicly restorable |
Framework | FedRAMP Moderate Revision 4 |
Severity | Medium |
Rule Description
For FedRAMP (Federal Risk and Authorization Management Program) Moderate Revision 4 compliance, EBS (Elastic Block Store) snapshots in AWS-hosted environments must not be publicly restorable. A publicly restorable snapshot can be used by any AWS account to create a volume, so this rule ensures that EBS snapshots containing sensitive data are not accessible to unauthorized individuals or entities.
Remediation Steps
To remediate this rule violation, follow the steps below:
Step 1: Identify Publicly Restorable EBS Snapshots
Step 2: Disable Public Restorable Attribute
Step 3: Verify Changes
Troubleshooting
If you encounter any issues during the remediation process, consider the following troubleshooting steps:
Issue: Unable to locate the "Snapshots" option in the EC2 Dashboard.
Issue: Unable to change the restorable attribute for a snapshot.
Issue: Changes are not being saved or applied.
Additional Information
To prevent future violations of this rule, develop and implement a clear policy regarding the management and access controls for EBS snapshots. Regularly review and audit the permissions associated with sensitive snapshots to ensure compliance with security best practices.
Consider automating the process of checking and disabling the public restorable attribute for EBS snapshots by utilizing AWS CLI (Command Line Interface) or AWS SDKs (Software Development Kits). This will help streamline the enforcement of this rule across multiple AWS accounts or regions.
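One way to automate Steps 1 to 3 with the AWS SDK for Python (boto3) is sketched below. This is an added example, not code from the original page; the function names and the `--region` and `--apply` options are hypothetical, and it assumes credentials allowed to call `DescribeSnapshots`, `DescribeSnapshotAttribute` and `ModifySnapshotAttribute`.

```python
"""Find, disable and verify publicly restorable EBS snapshots (added example)."""


def find_public_snapshots(ec2):
    """Step 1: snapshots owned by this account that any account can restore."""
    ids = []
    pages = ec2.get_paginator("describe_snapshots").paginate(
        OwnerIds=["self"], RestorableByUserIds=["all"])
    for page in pages:
        ids.extend(s["SnapshotId"] for s in page["Snapshots"])
    return ids


def is_public(ec2, snapshot_id):
    """Step 3: read the permission list back instead of trusting the call."""
    attr = ec2.describe_snapshot_attribute(
        SnapshotId=snapshot_id, Attribute="createVolumePermission")
    return any(p.get("Group") == "all" for p in attr["CreateVolumePermissions"])


def remediate(ec2, dry_run=True):
    """Run steps 1-3; return {snapshot_id: "public" | "private"} afterwards.

    Only the "all" group is removed, so shares with specific account IDs
    stay in place. With dry_run=True nothing is modified.
    """
    result = {}
    for snap in find_public_snapshots(ec2):
        if not dry_run:
            ec2.modify_snapshot_attribute(  # Step 2
                SnapshotId=snap, Attribute="createVolumePermission",
                OperationType="remove", GroupNames=["all"])
        result[snap] = "public" if is_public(ec2, snap) else "private"
    return result


if __name__ == "__main__":
    import argparse
    import boto3  # imported here so the functions above accept a stub client

    ap = argparse.ArgumentParser()
    ap.add_argument("--region", required=True)
    ap.add_argument("--apply", action="store_true", help="remove public access")
    args = ap.parse_args()
    client = boto3.client("ec2", region_name=args.region)
    for snap, state in remediate(client, dry_run=not args.apply).items():
        print(snap, state)
```

Snapshots are regional, so one run covers a single region of a single account; repeat it per region and per account to cover the whole environment.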