TL;DR: A public EBS snapshot is a full disk image of one of your servers that any AWS customer in the world can copy with one CLI call — and it can hold customer PII, hardcoded API keys, source code, or SSH keys. It's a security finding first, a cleanup second. The critical fact: making it private stops future access but does nothing about copies already made during the public window. Treat a confirmed-sensitive one as a breach — rotate credentials, follow incident process — then delete. This check is free even on Basic Support.
The numbers
- Flagged when
CreateVolumePermissionincludesall(any AWS account cancreate-volumefrom it). - Almost always accidental and old — a wrong dropdown during AMI sharing, an IaC
launch_permission { group_names = ["all"] }, or a years-old "share with the community" experiment; many findings are 2+ years old. - Cost is secondary: public snapshots bill like any snapshot (~$0.05/GB-mo), but most are forgotten artifacts, so remediation ends in deletion — a typical audit finds 10–40 snapshots (50–500 GB each) and recovers $30–200/month plus removes major exposure.
- Field examples: a fintech's first audit found 18 public snapshots (4 with baked-in credentials → treated as incidents); a misconfigured Packer pipeline emitted one public snapshot per week for 47 weeks — fixed in 5 minutes of config.
Do this
- Open Trusted Advisor → Security → Amazon EBS Public Snapshots and sort by creation date descending — recent ones most likely hold current credentials.
- Make private first (reversible), then decide keep-vs-delete:
aws ec2 modify-snapshot-attribute --snapshot-id <id> --create-volume-permission "Remove=[{Group=all}]". - For any that held sensitive data, run breach response — restore to a private volume to inventory contents, rotate every credential that was on disk, follow your incident and regulatory-notification process (clock starts when you knew).
- Fix the root cause in IaC — grep Terraform/CloudFormation/Packer for
["all"]/group_names = ["all"]/ami_groups, replace with specific account IDs, add a CI lint that fails builds containing["all"]. - Add prevention: the AWS Config rule
ec2-ebs-snapshot-public-restorable-check(detect or auto-remediate) plus an Org SCP denyingec2:ModifySnapshotAttributewithall.
Gotchas
- Making private ≠ full remediation — anyone who copied it during the public window has an independent copy you can't delete; assume exposure is total within that window.
- AMIs and snapshots are separate permissions — making an AMI public makes its snapshots public; fixing snapshots doesn't fix the AMI (
createVolumePermissionvsimagePermission). - Encryption is a partial mitigation only — a public encrypted snapshot whose KMS key isn't shared can't be volume-created by outsiders, but never rely on it as the primary control.
- Trusted Advisor lags ~24h after remediation, and it won't trust your "intentionally public" tags — keep an internal register and skip those in review.
Skip this if
- The snapshot is deliberately public (community/reference AMI) and verified to contain nothing sensitive, unencrypted, clearly described, tagged
intended-public=true, and in an internal register — re-audit annually. Otherwise never skip. The cost-side companion is Trusted Advisor — Underutilized EBS Volumes; prevent upstream accumulation with EBS DeleteOnTermination and AWS Config recording, and apply Org SCPs via Consolidated Billing.