This rule ensures that EC2 instances have EBS optimization enabled for better performance and cost-efficiency.
Rule | EC2 instance should have EBS optimization enabled |
Framework | NIST 800-53 Revision 5 |
Severity | ✔ High |
Rule Description:
To comply with NIST 800-53 Revision 5, an EC2 instance should have Elastic Block Store (EBS) Optimization enabled. Enabling EBS optimization helps to achieve faster throughput and lower latency for accessing EBS volumes attached to EC2 instances. By utilizing dedicated network connectivity between EC2 instances and EBS volumes, EBS optimization improves application performance and reduces I/O latencies.
Troubleshooting Steps (if applicable):
If EBS optimization is not enabled on an EC2 instance, you may encounter performance issues with your applications accessing EBS volumes. To troubleshoot this, you can follow these steps:
Remediation:
To enable EBS optimization for an EC2 instance, follow the step-by-step guide below:
Once the EBS optimization is enabled for the EC2 instance, it will benefit from improved EBS volume performance.
Example Code (if applicable):
If you prefer to use AWS CLI to enable EBS optimization for an EC2 instance, use the following command:
aws ec2 modify-instance-attribute --instance-id <instance-id> --ebs-optimized
Replace
<instance-id>
with the actual ID of the EC2 instance on which you want to enable EBS optimization.Verification:
To verify if EBS optimization is enabled for an EC2 instance, you can use either the AWS Management Console or AWS CLI. Here are the steps for both methods:
AWS Management Console:
AWS CLI:
Run the following command using AWS CLI:
aws ec2 describe-instance-attribute --instance-id <instance-id> --attribute ebsOptimized
Replace
<instance-id>
with the actual ID of the EC2 instance. If the command output shows "Value": true
, it means EBS optimization is enabled.By following these steps, you can ensure that your EC2 instances are compliant with the NIST 800-53 Revision 5 requirement regarding EBS optimization.