Skip to content

/AWS1/CL_EC2=>ENABLESNAPBLOCKPUBLICACCESS()

About EnableSnapshotBlockPublicAccess

Enables or modifies the block public access for snapshots setting at the account level for the specified Amazon Web Services Region. After you enable block public access for snapshots in a Region, users can no longer request public sharing for snapshots in that Region. Snapshots that are already publicly shared are either treated as private or they remain publicly shared, depending on the State that you specify.

If block public access is enabled in block-all-sharing mode, and you change the mode to block-new-sharing, all snapshots that were previously publicly shared are no longer treated as private and they become publicly accessible again.

For more information, see Block public access for snapshots in the Amazon EBS User Guide.

Method Signature

IMPORTING

Required arguments:

IV_STATE TYPE /AWS1/EC2SNAPBLOCKPUBACCSTATE /AWS1/EC2SNAPBLOCKPUBACCSTATE

The mode in which to enable block public access for snapshots for the Region. Specify one of the following values:

  • block-all-sharing - Prevents all public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. Additionally, snapshots that are already publicly shared are treated as private and they are no longer publicly available.

    If you enable block public access for snapshots in block-all-sharing mode, it does not change the permissions for snapshots that are already publicly shared. Instead, it prevents these snapshots from be publicly visible and publicly accessible. Therefore, the attributes for these snapshots still indicate that they are publicly shared, even though they are not publicly available.

  • block-new-sharing - Prevents only new public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. However, snapshots that are already publicly shared, remain publicly available.

unblocked is not a valid value for EnableSnapshotBlockPublicAccess.

Optional arguments:

IV_DRYRUN TYPE /AWS1/EC2BOOLEAN /AWS1/EC2BOOLEAN

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

RETURNING

OO_OUTPUT TYPE REF TO /AWS1/CL_EC2ENBSNAPBLKPUBACCRS /AWS1/CL_EC2ENBSNAPBLKPUBACCRS