Medium

Ensure EBS volumes are of type gp3 (General Purpose SSD) instead of gp2

AWS Cost Optimization
Description

Amazon Elastic Block Store (EBS) volumes provide block-level storage for EC2 instances. EBS volumes are available in several types, including General Purpose SSD (gp2) and General Purpose SSD (gp3). Ensuring that EBS volumes are of type gp3 instead of gp2 is a best practice for improving storage performance and reducing costs. gp3 volumes offer higher performance than gp2 volumes at a lower cost per gigabyte. By using gp3 volumes instead of gp2 volumes, you can improve the performance of your applications, reduce storage costs, and optimize your infrastructure for better efficiency.‍

Remediation

The following are the remediation steps to ensure that EBS volumes are of type gp3 instead of gp2:

  1. Identify all existing gp2 EBS volumes in your AWS account.
  2. For each gp2 EBS volume, create a new gp3 EBS volume with the same size and specifications.
  3. Attach the new gp3 EBS volume to your EC2 instance.
  4. Copy the data from the gp2 EBS volume to the new gp3 EBS volume.
  5. Once the data has been copied, detach the gp2 EBS volume and delete it.
  6. For future EBS volumes, use gp3 volumes instead of gp2 volumes.
  7. Use automation tools such as AWS CloudFormation, AWS CLI or AWS SDKs to automate the process of creating new gp3 volumes and migrating data.

By following these steps, you can ensure that your EBS volumes are of type gp3 instead of gp2, which will help to improve the performance of your applications, reduce storage costs, and optimize your infrastructure for better efficiency.

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.

Step into the Future of SecOps