<  Back to rules search

EBS volume snapshot is not publicly shared with other AWS accounts



Secure Amazon Elastic Block Store (EBS) snapshots.


Publicly shared Amazon EBS volume snapshots contain sensitive application data that can be seen, copied, and exploited.


From the console

Follow the EBS encryption docs to learn how to implement EBS encryption. Public snapshots, which are encrypted by default, are not supported

**Note**: You can share an encrypted snapshot with specific accounts.

From the command line

  1. Run enable-ebs-encryption-by-default to enable encryption for your account in the current region.

  2. Run get-ebs-encryption-by-default to confirm encryption is enabled.

See the Set encryption defaults using the API and CLI docs for additional commands related to EBS encryption.