Medium

Ensure EBS volumes are of type gp3 (General Purpose SSD) instead of io1

AWS Cost Optimization
AWS Well-Architected Framework
Description

A cost-saving approach for Amazon EBS instances is to use General Purpose (GP) SSD storage instead of Provisioned IOPS (PIOPS) SSD storage, as with GP SSDs you only pay for storage, while with PIOPS SSDs, you pay for both storage and IOPS. If you have existing PIOPS-based volumes, you can convert them to GP volumes by configuring larger storage, which provides higher baseline performance of IOPS at a lower cost. To lower the cost of your AWS bill while maintaining the same I/O performance, it is recommended that you ensure your Amazon EC2 instances are using General Purpose SSD volumes instead of Provisioned IOPS SSD volumes. Unless you are running mission-critical applications that require more than 10,000 IOPS or 160 MiB/s of throughput per EBS volume, converting your Provisioned IOPS EC2 instances to General Purpose instances can be highly beneficial. This way, you can enjoy cost-effective storage that is suitable for a wide range of workloads.

Remediation

To ensure that your Amazon Elastic Block Store (EBS) volumes are of the type gp3 (General Purpose SSD) instead of io1, you can take the following remediation steps:

  1. Log in to the AWS Management Console and navigate to the EC2 service.
  2. Select the EC2 instance for which you want to check the EBS volumes.
  3. Click on the "Volumes" tab to view the list of EBS volumes attached to the instance.
  4. Identify the EBS volumes that are of the type io1.
  5. Click on the checkbox next to each io1 EBS volume to select it.
  6. Click on the "Actions" button and select "Modify Volume" from the dropdown menu.
  7. In the "Modify Volume" dialog box, change the volume type to gp3.
  8. Configure the volume size and baseline performance for gp3 as needed.
  9. Click on the "Modify" button to apply the changes.

Once the changes are applied, the EBS volume type will be changed to gp3. Repeat these steps for any other io1 EBS volumes attached to the EC2 instance.

Note that gp3 volumes offer a lower cost-per-GB compared to io1 volumes, and provide a baseline performance of up to 3,000 IOPS and 125 MB/s throughput. If you need more IOPS or throughput, you can adjust the settings accordingly.

Enforced Resources
EBS Volume
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.

Step into the Future of SecOps

Self Served Test drive >
Schedule a live demo >