Posted On: Nov 9, 2023
Amazon Elastic Block Store (EBS) now supports Block Public Access for EBS Snapshots, an account-wide security setting that allows customers to block public sharing of EBS Snapshots in a Region. Customers managing EBS Snapshots at-scale now have a simple and proactive way of safeguarding their data from inadvertent access by unauthorized users.
Customers use EBS Snapshots to back up their EBS volumes for disaster recovery, data migration and compliance purposes. Block Public Access for EBS Snapshots provides an additional layer of security for EBS Snapshots and helps prevent unauthorized access and potential misuse of snapshot data. The Block Public Access setting can be enabled in one of two modes, ‘block new sharing’ or ‘block all sharing’. When Block Public Access is enabled in either of the two modes, all future attempts to make a snapshot public are automatically blocked. Additionally, with ‘block all sharing’ mode enabled, customers can prevent any existing public snapshots from being publicly accessed. Along with the recent release of Block Public Access for EC2 AMIs, customers can use this setting to prevent public access to their EBS Snapshots.
Block Public Access for EBS Snapshots is currently disabled by default for all Amazon Web Services accounts, and customers can enable the setting through the Amazon Web Services Console, Amazon Command Line Interface (CLI), and Amazon SDKs.
Block Public Access for EBS Snapshots is available in Amazon Web Services China (Beijing) Region, operated by Sinnet and Amazon Web Services China (Ningxia) Region, operated by NWCD. There are no additional charges for using this feature. To learn more, see the technical documentation on Block Public Access for EBS Snapshots.