Exposed RDS snapshot can be accessed by any user


A misconfigured database snapshot can be retrieved by any AWS account, including accounts that do not belong to your organization.

Amazon Relational Database Service (RDS) database snapshots can be marked as public, allowing anyone to copy the snapshot to their AWS account, which can lead to a data breach.


  1. Follow the AWS Console documentation "Stop sharing a manual DB snapshot with an AWS account".
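
The same check and fix can be scripted. This is an added example, not part of the original page or of the AWS documentation: it finds manual snapshots whose `restore` attribute contains `all` (the public marker) and removes only that value. The functions use the boto3 RDS client's method names; `FakeRDS`, the snapshot names and the account ID are constructed stand-ins so the block runs offline.

```python
def restore_values(rds, snapshot_id):
    """Return the 'restore' attribute values: account IDs, or 'all' when public."""
    result = rds.describe_db_snapshot_attributes(DBSnapshotIdentifier=snapshot_id)
    for attr in result["DBSnapshotAttributesResult"]["DBSnapshotAttributes"]:
        if attr["AttributeName"] == "restore":
            return list(attr.get("AttributeValues", []))
    return []

def find_public_snapshots(rds):
    """List manual snapshots in the client's region that any AWS account can copy."""
    pages = rds.get_paginator("describe_db_snapshots").paginate(SnapshotType="manual")
    ids = [s["DBSnapshotIdentifier"] for page in pages for s in page["DBSnapshots"]]
    return [sid for sid in ids if "all" in restore_values(rds, sid)]

def make_private(rds, snapshot_id):
    """Remove only the public grant; shares with named accounts are left in place."""
    rds.modify_db_snapshot_attribute(
        DBSnapshotIdentifier=snapshot_id, AttributeName="restore", ValuesToRemove=["all"])
    return restore_values(rds, snapshot_id)

class FakeRDS:
    """Constructed in-memory stand-in for boto3.client('rds'), so this runs offline."""
    def __init__(self, shares):
        self.shares = shares  # snapshot id -> list of restore values
    def get_paginator(self, _name):
        return self
    def paginate(self, **_kwargs):
        yield {"DBSnapshots": [{"DBSnapshotIdentifier": s} for s in self.shares]}
    def describe_db_snapshot_attributes(self, DBSnapshotIdentifier):
        attrs = [{"AttributeName": "restore",
                  "AttributeValues": self.shares[DBSnapshotIdentifier]}]
        return {"DBSnapshotAttributesResult": {
            "DBSnapshotIdentifier": DBSnapshotIdentifier, "DBSnapshotAttributes": attrs}}
    def modify_db_snapshot_attribute(self, DBSnapshotIdentifier, AttributeName, ValuesToRemove):
        kept = [v for v in self.shares[DBSnapshotIdentifier] if v not in ValuesToRemove]
        self.shares[DBSnapshotIdentifier] = kept

if __name__ == "__main__":
    # Constructed sample data; pass boto3.client("rds") instead to audit a real region.
    rds = FakeRDS({"orders-2024": ["all"], "hr-backup": ["111122223333"], "dev": []})
    for sid in find_public_snapshots(rds):
        print(sid, "was public; restore values now:", make_private(rds, sid))
```

Snapshot attributes are per region, so a full audit repeats the scan with a client for each region in use.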