Posted On: Nov 9, 2023

Amazon Elastic Block Store (EBS) now supports Block Public Access for EBS Snapshots, an account-wide security setting that allows customers to block public sharing of EBS Snapshots in an AWS Region. Customers managing EBS Snapshots at scale now have a simple and proactive way of safeguarding their data from inadvertent access by unauthorized users.

Customers use EBS Snapshots to back up their EBS volumes for disaster recovery, data migration, and compliance purposes. Block Public Access for EBS Snapshots provides an additional layer of security for EBS Snapshots and helps prevent unauthorized access as well as potential misuse of snapshot data. The Block Public Access setting can be enabled in one of two modes, ‘block new sharing’ or ‘block all sharing’. When Block Public Access is enabled in either of the two modes, all future attempts to make a snapshot public are automatically blocked. Additionally, with ‘block all sharing’ mode enabled, customers can prevent public access to any existing public snapshots. Along with the recent release of Block Public Access for EC2 AMIs, customers can use this setting to prevent public access to their EBS Snapshots. 

Block Public Access for EBS Snapshots is currently disabled by default for all AWS accounts, and customers can enable the setting through the AWS Console, AWS Command Line Interface (CLI), and AWS SDKs.

Block Public Access for EBS Snapshots is available in all AWS commercial Regions and the AWS GovCloud (US) Regions. There are no additional charges for using this feature. To learn more, see the technical documentation on Block Public Access for EBS Snapshots.