standard
turbot/aws_compliance

Trigger: Detect & correct EBS snapshots when publicly restorable

Detect EBS snapshots that are publicly restorable, and then either skip the snapshot, update its permission to private, or delete it.

Query

select
  concat(snapshot_id, ' [', account_id, '/', region, ']') as title,
  snapshot_id,
  region,
  sp_connection_name as conn
from
  aws_ebs_snapshot
where
  create_volume_permissions @> '[{"Group": "all", "UserId": null}]';

Schedule

15m

Tags

category = Compliance
mod = aws
service = AWS/EBS