Posted On: Dec 14, 2023
Block Public Access for EBS Snapshots provides an additional layer of security for Amazon Elastic Block Store (Amazon EBS) Snapshots and helps prevent unauthorized access and potential misuse of snapshot data. Starting today, you can manage Block Public Access for EBS Snapshots settings for your account using Amazon CloudFormation templates.
Amazon CloudFormation simplifies provisioning and management of resources on Amazon Web Services. It allows you to track changes over time, apply updates in a controlled and automated manner, and include version controls so you can easily roll back changes if needed. You can use CloudFormation templates to enable the Block Public Access setting in either the ‘block new sharing’ mode or the ‘block all sharing’ mode. When Block Public Access is enabled in either of the two modes, all future attempts to make an EBS snapshot public are automatically blocked. Additionally, with ‘block all sharing’ mode enabled, customers can prevent any existing public snapshots from being publicly accessed. You can also continue to manage Block Public Access for EBS Snapshots using the Amazon Web Services Management Console, Command Line Interface (CLI), or API.
Amazon CloudFormation support for Block Public Access for EBS Snapshots is available in Amazon Web Services China (Beijing) Region, operated by Sinnet and Amazon Web Services China (Ningxia) Region, operated by NWCD. For more information, see Block Public Access for EBS Snapshots resource type reference in the Amazon CloudFormation User Guide.