
Rule: EBS Snapshots Should Not Be Publicly Restorable

This rule checks that no EBS snapshot owned by the account is publicly restorable, i.e. that none grants create-volume permission to all AWS accounts.

Rule: EBS snapshots should not be publicly restorable
Framework: NIST Cybersecurity Framework (CSF) v1.1
Severity: Medium

Rule Description:

EBS (Elastic Block Store) snapshots should not be publicly restorable. This rule maps to the NIST Cybersecurity Framework (CSF) v1.1, which calls for access control over data at rest and over cloud resources. A snapshot becomes publicly restorable when its createVolumePermission attribute grants the "all" group; from that point any AWS account can create a volume from the snapshot or copy it, exposing the full contents of the original disk, including any credentials, keys, or application data stored on it. Only unencrypted snapshots can be made public; encrypted snapshots can be shared with specific accounts but not with the public. Restore access should be limited to the owning account and explicitly authorised accounts only.

Troubleshooting Steps (if applicable):

  1. Check the current state of the EBS snapshots owned by the account and identify any whose createVolumePermission attribute grants the "all" group (publicly restorable).
  2. Identify which other AWS account IDs, if any, are listed in each snapshot's createVolumePermission attribute, and confirm that every one of them is authorised to restore the snapshot.
  3. Determine the potential impact if an unauthorised party restores or copies a publicly restorable snapshot: what data, credentials, or configuration the underlying volume contained.
  4. Review the snapshot sharing settings and the IAM permissions that allow principals to call ec2:ModifySnapshotAttribute, to find out how the snapshot was made public and to prevent a repeat.

Necessary Codes (if applicable):

No deployable code is required for this rule. Public restorability is not governed by IAM policies but by the snapshot's own createVolumePermission attribute, which is changed through the console (Actions > Modify permissions) or the ModifySnapshotAttribute API. IAM policies are still relevant for limiting which principals may call ec2:ModifySnapshotAttribute and so make a snapshot public in the first place.

Step-by-Step Guide for Remediation:

  1. Log in to the AWS Management Console.
  2. Go to the Amazon EC2 service.
  3. Choose "Snapshots" in the left navigation pane.
  4. Filter to snapshots owned by your account and identify the publicly restorable ones, i.e. those whose permissions are set to Public.
  5. Select a publicly restorable snapshot.
  6. Choose the "Actions" button and then "Modify permissions".
  7. In the "Modify permissions" dialog, set the snapshot to Private and remove any AWS account IDs that are not authorised to restore it.
  8. Choose "Save" to apply the change.
  9. Repeat for each affected snapshot, then confirm that no snapshot owned by the account remains publicly restorable.
  10. Regularly review and monitor snapshot sharing settings to ensure ongoing compliance.

Remember to regularly audit and review the sharing settings of EBS snapshots to maintain a secure and protected environment. Making a snapshot private again does not recall copies that other accounts may already have taken while it was public; if a snapshot was publicly restorable for any length of time, treat any secrets stored on the underlying volume as exposed and rotate them.
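The following script is an added example, not code from the original page or from Cloud Defense, covering both the audit in the troubleshooting steps and the remediation above. The decision logic works on the JSON shape that `aws ec2 describe-snapshot-attribute --attribute createVolumePermission` returns, so it can be exercised on the constructed sample responses embedded below without AWS credentials; the snapshot IDs and account IDs in those samples are made up. Only the `--live` path calls the real AWS CLI and requires credentials with ec2:DescribeSnapshots and ec2:ModifySnapshotAttribute permission.

```shell
#!/bin/sh
# Added example: find EBS snapshots that are publicly restorable and remove the
# public grant. Public restorability is the createVolumePermission attribute
# containing the "all" group, so that is what the checks below look for.

# Constructed sample responses in the shape returned by
# `aws ec2 describe-snapshot-attribute --attribute createVolumePermission`.
# Neither snapshot nor the account ID is real.
PUBLIC_JSON='{"SnapshotId":"snap-0123456789abcdef0",
  "CreateVolumePermissions":[{"Group":"all"},{"UserId":"111122223333"}]}'
PRIVATE_JSON='{"SnapshotId":"snap-0fedcba9876543210","CreateVolumePermissions":[]}'

# Strip whitespace so simple grep patterns are reliable without depending on jq.
_flat() { printf '%s' "$1" | tr -d ' \t\n'; }

# Exit 0 if the attribute grants the "all" group, i.e. the snapshot is
# publicly restorable by every AWS account.
is_public_snapshot() {
  _flat "$1" | grep -q '"Group":"all"'
}

# Print the account IDs the snapshot is explicitly shared with, one per line.
# These should each be checked against the list of authorised accounts.
shared_account_ids() {
  _flat "$1" | grep -o '"UserId":"[0-9]*"' | cut -d'"' -f4
}

# Classify a snapshot as public (group all), shared (named accounts only)
# or private (no create-volume grants at all).
classify_snapshot() {
  if is_public_snapshot "$1"; then
    echo public
  elif [ -n "$(shared_account_ids "$1")" ]; then
    echo shared
  else
    echo private
  fi
}

# Build the CLI command that removes the public grant from one snapshot.
# It is the command-line equivalent of choosing "Private" in the console dialog
# and leaves any named-account grants in place for separate review.
remediation_command() {
  echo "aws ec2 modify-snapshot-attribute --snapshot-id $1" \
       "--attribute createVolumePermission --operation-type remove --group-names all"
}

# Live audit: list snapshots owned by this account that are restorable by
# everyone (--restorable-by-user-ids all) and remove public access from each.
audit_live() {
  for id in $(aws ec2 describe-snapshots --owner-ids self \
                --restorable-by-user-ids all \
                --query 'Snapshots[].SnapshotId' --output text); do
    echo "publicly restorable snapshot found: $id"
    sh -c "$(remediation_command "$id")"
  done
}

if [ "${1:-}" = "--live" ]; then
  audit_live
fi
```

Run with `--live` in each Region the account uses, since snapshots and their permissions are Regional. Removing the "all" grant stops further public restores but does not undo copies already taken, so pair the fix with secret rotation where the volume held credentials. As an account-wide guardrail, EC2 block public access for snapshots (`aws ec2 enable-snapshot-block-public-access --state block-all-sharing`) prevents snapshots in a Region from being made public at all, which is the preventive control to layer on top of this detective one.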
