InvalidSnapshot.NotFound
AWS InvalidSnapshot.NotFound means the specified EBS snapshot does not exist for the account and region context of the request.
Last reviewed: May 5, 2026|Source-backed guidance under our editorial policy
Start Here
Use the closest compare guide, playbook, or adjacent error page to narrow the decision faster before you start changing production systems.
This page is part of the Error Reference library. Learn more about the project or report a correction.
What Does Invalid Snapshot Not Found Mean?
EC2 cannot resolve the referenced snapshot in the caller account-region visibility scope, so launch/restore flows fail until a valid snapshot reference is supplied.
Common Causes
- -Snapshot ID is mistyped or references a snapshot in a different AWS region.
- -Snapshot was deleted after the ID was captured in automation or IaC state.
- -Cross-account copy/share assumptions are wrong for the credentials being used.
- -Image pipeline rotated snapshot IDs, but downstream jobs still use stale values.
How to Fix Invalid Snapshot Not Found
- 1Confirm snapshot ID from authoritative inventory immediately before use.
- 2Verify the request runs in the correct account and region endpoint.
- 3Call
DescribeSnapshotswith the same credentials to confirm visibility. - 4If snapshot copy/create just ran, wait for completion before dependent operations.
Step-by-Step Diagnosis for Invalid Snapshot Not Found
- 1Capture snapshot ID, region, account ID, and request ID from the failing call.
- 2Correlate
CopySnapshot/DeleteSnapshotevents in CloudTrail around failure time. - 3Diff launch template or IaC snapshot references against current snapshot inventory.
- 4Validate assumed role/account path used by the caller matches expected ownership.
Snapshot Visibility and Ownership Checks
- -Validate snapshot ID with same role and region endpoint (example: snapshot exists in source account but not shared to target account).
- -Inspect snapshot lifecycle history for deletion/rotation events (example: retention policy removed snapshot still referenced in template).
Image Pipeline and Reference Freshness
- -Audit AMI/snapshot catalog propagation timing (example: downstream job consumes snapshot ID before copy completes).
- -Invalidate stale snapshot references in automation caches (example: old state file still pins retired snapshot ID).
Decision Shortcut: Wrong Region vs Deleted Snapshot vs Missing Share
- -If
DescribeSnapshotssucceeds in one region but fails in the launch region, update the region-specific snapshot mapping before rerunning EC2 operations. - -If CloudTrail shows
DeleteSnapshotor retention cleanup before the failure, recover the intended snapshot lineage or publish a replacement ID. - -If the snapshot is in another account, confirm it is explicitly shared to the caller and that encrypted snapshot KMS permissions are also valid.
Wrong Fix to Avoid
- -Do not replace the AMI or launch template blindly until you know whether the missing reference is snapshot deletion, region drift, or account visibility.
- -Do not retry a restore or launch with the same invisible snapshot ID; EC2 will keep rejecting it until visibility or reference data changes.
- -Do not copy snapshot IDs between regions as plain strings; snapshot IDs are region-scoped operational references.
Implementation Examples
SNAPSHOT_ID=snap-0123456789abcdef0
REGION=us-east-1
aws sts get-caller-identity
aws ec2 describe-snapshots \
--region "$REGION" \
--snapshot-ids "$SNAPSHOT_ID" \
--query 'Snapshots[].{id:SnapshotId,state:State,owner:OwnerId,encrypted:Encrypted,start:StartTime}'aws cloudtrail lookup-events \
--lookup-attributes AttributeKey=ResourceName,AttributeValue=snap-0123456789abcdef0 \
--query 'Events[].{time:EventTime,name:EventName,user:Username}' \
--output tableIncident Timeline
07:20 UTC
Image pipeline publishes a snapshot-backed artifact
Signal: AMI or volume metadata stores an EBS snapshot ID that downstream launch, copy, or restore jobs will consume.
Why it matters: The authoritative snapshot ID should come from the latest successful image catalog, not from a cached pipeline variable.
07:45 UTC
Downstream EC2 operation cannot resolve the snapshot
Signal: RunInstances, CreateVolume, or restore automation returns InvalidSnapshot.NotFound in one account/region.
Why it matters: Capture caller account, region, role, snapshot ID, and request ID before editing launch templates.
07:55 UTC
Visibility check identifies scope drift
Signal: DescribeSnapshots works only under a different region/account or CloudTrail shows deletion or incomplete copy state.
Why it matters: The fix is reference freshness or sharing/copy completion, not generic EC2 retry logic.
08:10 UTC
Launch path uses a visible snapshot ID
Signal: The same caller can describe the snapshot and the dependent EC2 operation proceeds.
Why it matters: Keep snapshot existence preflight in the pipeline so stale IDs fail before deploy or restore time.
Seen in Production
AMI pipeline passes stale snapshot ID to a restore/volume workflow
Frequency: common
Example: Cleanup job deleted older snapshots, but deployment metadata still references one of them.
Fix: Refresh snapshot references at execution time and block deploy if snapshot lookup fails.
Cross-region snapshot copy is used before destination visibility completes
Frequency: rare
Example: Cross-region restore process uses snapshot ID before it becomes available in target region.
Fix: Wait for snapshot copy completion and visibility checks before dependent operations.
Wrong Fix vs Better Fix
Static snapshot ID vs live artifact lookup
Wrong fix: Hard-code the snapshot ID in Terraform variables or deployment scripts and update it manually after failures.
Better fix: Resolve snapshot IDs from a versioned image catalog or IaC output immediately before the dependent EC2 operation.
Why this is better: The launch path follows the current artifact lineage and avoids stale cleanup or cross-region copy races.
Retry after copy vs wait for visibility
Wrong fix: Start restore or launch steps immediately after CopySnapshot returns and rely on retries.
Better fix: Wait until the destination-region snapshot is completed and visible to the same caller role.
Why this is better: The dependent operation starts only after EC2 can resolve the snapshot in the right account and region.
Debugging Tools
- -EC2 DescribeSnapshots
- -CloudTrail snapshot lifecycle events
- -Launch template/IaC state diff
- -AMI pipeline artifact inventory
How to Verify the Fix
- -Run
DescribeSnapshots --snapshot-idswith the same role and region to confirm snapshot visibility. - -Replay the failing launch/restore action and verify InvalidSnapshot.NotFound no longer appears.
- -Confirm templates and pipeline metadata no longer reference retired snapshot IDs.
How to Prevent Recurrence
- -Resolve snapshot IDs from a live inventory feed right before dependent EC2 operations.
- -Gate pipelines with snapshot ownership and region checks for every referenced ID.
- -Track snapshot retention/deletion events and automatically invalidate stale references.
Pro Tip
- -enforce a preflight
DescribeSnapshotsexistence check in launch pipelines and fail fast if snapshot ownership/region visibility does not match expected scope.
Official References
Provider Context
This guidance is specific to AWS services. Always validate implementation details against official provider documentation before deploying to production.