Description: 

Amazon Elastic Block Store (EBS) is a web service that provides block-level storage volumes for use with EC2 instances. EBS volumes are highly available and reliable, can be attached to a running instance in the same Availability Zone, and are used like a hard drive. An EBS snapshot is a point-in-time copy of a volume, so it contains everything the volume held, including credentials, keys, configuration and application data.

 

If an EBS snapshot is shared publicly, any AWS account can copy it and restore it to a volume, giving unauthorized users access to the data on the server. Ensure there are no EBS snapshots set to Public. Sharing is controlled by the snapshot's createVolumePermission attribute: a snapshot that needs to be shared should be shared with the specific AWS account IDs that require it, never with the "all" group. Encrypted snapshots cannot be made public, so encrypting volumes also removes this risk.

 

Rationale:

Allowing public access to EBS snapshot content exposes all data on the volume, including credentials and configuration files, and may aid an adversary in identifying weaknesses in the affected account's use or configuration, or in the data on the server.

 

Remediation:

To check and remediate an EBS snapshot using the console:

  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/
  2. Choose Snapshots in the navigation pane.
  3. Select the snapshot, then choose Actions, Modify permissions. The current sharing setting (Private or Public) and any account IDs the snapshot is shared with are shown here.
  4. If the snapshot is Public, choose Private. If the snapshot must be shared, share it only with the specific AWS account IDs that require it instead of making it public.
  5. Choose Save.
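The console steps above are per snapshot. The following script, added here as an example and not part of the original page, performs the same check and remediation with the AWS CLI across a whole region: it lists snapshots owned by the account that are restorable by "all" (the public group), and revokes that grant with modify-snapshot-attribute. The snapshot IDs, account ID and JSON samples are constructed for the offline classification check; the live audit assumes the AWS CLI v2 is installed and credentials for the account under review are configured.

```shell
#!/bin/sh
# Added example (not from the page): audit an account for public EBS snapshots
# and revoke the public createVolumePermission grant.
set -eu

# Constructed samples of `aws ec2 describe-snapshot-attribute` output. The
# snapshot IDs and the account ID are fictional.
SAMPLE_PUBLIC='{"SnapshotId":"snap-0123456789abcdef0","CreateVolumePermissions":[{"Group":"all"}]}'
SAMPLE_SHARED='{"SnapshotId":"snap-0123456789abcdef1","CreateVolumePermissions":[{"UserId":"111122223333"}]}'
SAMPLE_PRIVATE='{"SnapshotId":"snap-0123456789abcdef2","CreateVolumePermissions":[]}'

# Returns 0 when the describe-snapshot-attribute JSON on stdin grants
# createVolumePermission to the "all" group, i.e. the snapshot is public.
# Sharing with specific account IDs (UserId entries) is deliberately not flagged.
snapshot_is_public() {
  grep -Eq '"Group"[[:space:]]*:[[:space:]]*"all"'
}

# Prints "public", "shared" or "private" for the JSON document on stdin.
classify_permissions() {
  json="$(cat)"
  if printf '%s' "$json" | snapshot_is_public; then
    echo public
  elif printf '%s' "$json" | grep -q '"UserId"'; then
    echo shared
  else
    echo private
  fi
}

# Live audit: list snapshots owned by this account that any AWS user can
# restore (--restorable-by-user-ids all), then remove the public grant on
# each. Pass "list" as the second argument to report without changing anything.
audit_public_snapshots() {
  region="${1:-us-east-1}"
  mode="${2:-fix}"
  ids="$(aws ec2 describe-snapshots --region "$region" --owner-ids self \
          --restorable-by-user-ids all \
          --query 'Snapshots[].SnapshotId' --output text)"
  if [ -z "$ids" ]; then
    echo "no public snapshots in $region"
    return 0
  fi
  for id in $ids; do
    echo "PUBLIC: $id"
    if [ "$mode" = fix ]; then
      aws ec2 modify-snapshot-attribute --region "$region" --snapshot-id "$id" \
        --attribute createVolumePermission --operation-type remove --group-names all
      echo "revoked public access on $id"
    fi
  done
}

# Offline demonstration against the constructed samples. The live audit only
# runs when invoked explicitly, e.g. `audit_public_snapshots us-east-1 list`.
if [ "${1:-}" = "--demo" ]; then
  printf '%s' "$SAMPLE_PUBLIC"  | classify_permissions
  printf '%s' "$SAMPLE_SHARED"  | classify_permissions
  printf '%s' "$SAMPLE_PRIVATE" | classify_permissions
fi
```

Run the audit in every region the account uses, since snapshots are regional. Revoking the "all" grant leaves any account-specific sharing in place; copies that other accounts already made while the snapshot was public are not affected, so treat the data on a snapshot that was ever public as exposed.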


Default Value: By default, EBS snapshots are private and are not publicly accessible.

 

Resources:

https://docs.aws.amazon.com/ebs/?id=docs_gateway