diff --git a/builder/amazon/common/step_encrypted_ami.go b/builder/amazon/common/step_encrypted_ami.go
index 0ad8bd5d3..68be1b3cd 100644
--- a/builder/amazon/common/step_encrypted_ami.go
+++ b/builder/amazon/common/step_encrypted_ami.go
@@ -17,6 +17,7 @@ type StepCreateEncryptedAMICopy struct {
 	EncryptBootVolume bool
 	Name              string
 	AMIMappings       []BlockDevice
+	ToDelete          []*string
 }
 
 func (s *StepCreateEncryptedAMICopy) Run(ctx context.Context, state multistep.StateBag) multistep.StepAction {
@@ -107,8 +108,7 @@ func (s *StepCreateEncryptedAMICopy) Run(ctx context.Context, state multistep.St
 		return multistep.ActionHalt
 	}
 
-	// Remove associated unencrypted snapshot(s)
-	ui.Say("Deleting unencrypted snapshots")
+	// Figure out which unencrypted snapshot(s) to delete
 	snapshots := state.Get("snapshots").(map[string][]string)
 
 OuterLoop:
@@ -121,15 +121,7 @@ OuterLoop:
 					continue OuterLoop
 				}
 			}
-
-			ui.Message(fmt.Sprintf("Deleting Snapshot ID: %s", *blockDevice.Ebs.SnapshotId))
-			deleteSnapOpts := &ec2.DeleteSnapshotInput{
-				SnapshotId: aws.String(*blockDevice.Ebs.SnapshotId),
-			}
-			if _, err := ec2conn.DeleteSnapshot(deleteSnapOpts); err != nil {
-				ui.Error(fmt.Sprintf("Error deleting snapshot, may still be around: %s", err))
-				return multistep.ActionHalt
-			}
+			s.ToDelete = append(s.ToDelete, aws.String(*blockDevice.Ebs.SnapshotId))
 		}
 	}
 
@@ -171,4 +163,16 @@ func (s *StepCreateEncryptedAMICopy) Cleanup(state multistep.StateBag) {
 		ui.Error(fmt.Sprintf("Error deregistering AMI, may still be around: %s", err))
 		return
 	}
+
+	ui.Say("Deleting unencrypted snapshots")
+	for _, snap := range s.ToDelete {
+		ui.Message(fmt.Sprintf("Deleting Snapshot ID: %s", *snap))
+		deleteSnapOpts := &ec2.DeleteSnapshotInput{
+			SnapshotId: snap,
+		}
+		if _, err := ec2conn.DeleteSnapshot(deleteSnapOpts); err != nil {
+			ui.Error(fmt.Sprintf("Error deleting snapshot, may still be around: %s", err))
+			return
+		}
+	}
 }