If your EC2 and EBS resources that are configured for backup have been afflicted by ransomware, you can immediately contain the spread and recover from such an attack. With the Quarantine feature, you can quarantine the recovery points impacted. Once you quarantine a recovery point, you cannot restore any data from it, limiting the scope of the ransomware attack as a consequence. For more information on enabling quarantine for EC2 and EBS resources, editing the quarantine range, or deleting quarantined recovery points, see Quarantine EC2 and EBS recovery points.
Quarantined recovery points and quarantine range
You cannot perform a data restore if the EC2 and EBS recovery points have been quarantined. Restores are only permissible from recovery points that have not been identified as under threat, and are deemed safe.
In the following example, we quarantined recovery points for an EC2 instance from May 1, 2025 to June 12, 2025.
Navigate to your AWS Workloads management console to manage the Recovery points. You cannot initiate the restore for any EC2 recovery points that fall within this defined range and have been quarantined.
You can however, browse and view a quarantined snapshot.