Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Rule: EC2 Instance Should Have EBS Optimization Enabled

This rule ensures that EC2 instances have EBS optimization enabled for better performance and cost-efficiency.

RuleEC2 instance should have EBS optimization enabled
FrameworkNIST 800-53 Revision 5
Severity
High

Rule Description:

To comply with NIST 800-53 Revision 5, an EC2 instance should have Elastic Block Store (EBS) Optimization enabled. Enabling EBS optimization helps to achieve faster throughput and lower latency for accessing EBS volumes attached to EC2 instances. By utilizing dedicated network connectivity between EC2 instances and EBS volumes, EBS optimization improves application performance and reduces I/O latencies.

Troubleshooting Steps (if applicable):

If EBS optimization is not enabled on an EC2 instance, you may encounter performance issues with your applications accessing EBS volumes. To troubleshoot this, you can follow these steps:

  1. 1.
    Identify the EC2 instance experiencing performance issues.
  2. 2.
    Check the instance's configuration and verify if EBS optimization is enabled or not.
  3. 3.
    If EBS optimization is not enabled, proceed with the remediation steps mentioned below.

Remediation:

To enable EBS optimization for an EC2 instance, follow the step-by-step guide below:

  1. 1.
    Open the AWS Management Console and navigate to the EC2 dashboard.
  2. 2.
    Select the desired EC2 instance for which you want to enable EBS optimization.
  3. 3.
    Click on the "Actions" dropdown menu and choose "Instance Settings" > "Change EBS Optimization attributes."
  4. 4.
    In the "Change EBS Optimization attributes" window, select the checkbox to enable EBS optimization.
  5. 5.
    Click "Apply" to save the changes.
  6. 6.
    Wait for the changes to take effect. The instance may require a reboot for the changes to apply fully.

Once the EBS optimization is enabled for the EC2 instance, it will benefit from improved EBS volume performance.

Example Code (if applicable):

If you prefer to use AWS CLI to enable EBS optimization for an EC2 instance, use the following command:

aws ec2 modify-instance-attribute --instance-id <instance-id> --ebs-optimized

Replace

<instance-id>
with the actual ID of the EC2 instance on which you want to enable EBS optimization.

Verification:

To verify if EBS optimization is enabled for an EC2 instance, you can use either the AWS Management Console or AWS CLI. Here are the steps for both methods:

AWS Management Console:

  1. 1.
    Open the AWS Management Console and navigate to the EC2 dashboard.
  2. 2.
    Select the EC2 instance you enabled EBS optimization for.
  3. 3.
    In the details pane at the bottom, locate the "EBS-optimized" attribute. It should be shown as "True" if EBS optimization is enabled.

AWS CLI:

Run the following command using AWS CLI:

aws ec2 describe-instance-attribute --instance-id <instance-id> --attribute ebsOptimized

Replace

<instance-id>
with the actual ID of the EC2 instance. If the command output shows
"Value": true
, it means EBS optimization is enabled.

By following these steps, you can ensure that your EC2 instances are compliant with the NIST 800-53 Revision 5 requirement regarding EBS optimization.

Is your System Free of Underlying Vulnerabilities?
Find Out Now