diff --git a/plugins/source/aws/policies/queries/ec2/ebs_snapshot_permissions_check.sql b/plugins/source/aws/policies/queries/ec2/ebs_snapshot_permissions_check.sql
index f99de79d6eb8ee..38c870448dfa1f 100644
--- a/plugins/source/aws/policies/queries/ec2/ebs_snapshot_permissions_check.sql
+++ b/plugins/source/aws/policies/queries/ec2/ebs_snapshot_permissions_check.sql
@@ -19,7 +19,7 @@ SELECT DISTINCT
     -- this is under question because
     -- trusted accounts(user_id) do not violate this control
         OR user_id IS DISTINCT FROM ''
-    then 'pass'
-    else 'fail'
+    then 'fail'
+    else 'pass'
   end as status
 FROM snapshot_access_groups