Rule: EBS Volumes Should Be Attached to EC2 Instances
This rule ensures that EBS volumes are properly attached to EC2 instances.
| Rule | EBS volumes should be attached to EC2 instances |
| Framework | GxP 21 CFR Part 11 |
| Severity | ✔ High |
Rule Description:
This rule ensures compliance with GxP 21 CFR Part 11 regulations by requiring that all Elastic Block Store (EBS) volumes are properly attached to EC2 instances. This is necessary to maintain data integrity, traceability, and security of information stored on the EBS volumes.
Troubleshooting Steps:
If an EBS volume is not properly attached to an EC2 instance, the following troubleshooting steps are recommended:
- 1.
Verify EBS Volume Status: Check the status of the EBS volume to ensure it is available and not experiencing any issues. This can be done using the AWS Management Console or CLI.
- 2.
Verify EC2 Instance Status: Verify the status of the EC2 instance to ensure it is running and available. If the instance is in a stopped state, start it before proceeding.
- 3.
Check EBS Volume and EC2 Instance Availability Zone: Ensure that the EBS volume and the EC2 instance are in the same availability zone within the chosen region. If they are in different availability zones, they cannot be attached.
- 4.
Check Volume Attachments: Review the volume attachments for the EC2 instance to confirm if the EBS volume is already attached or not. If it is already attached and not working properly, consider detaching and reattaching it.
- 5.
Verify IAM Permissions: Ensure that the IAM user or role associated with the EC2 instance has the necessary permissions to attach and access EBS volumes. Check the IAM policy to confirm the required permissions.
- 6.
Verify Volume Size and Type: Verify that the size and type (e.g., standard, gp2, io1) of the EBS volume are suitable for attaching to the EC2 instance. Incompatibility can prevent successful attachment.
Necessary Codes:
No specific codes are required for this rule/policy. However, you can use AWS CLI commands for troubleshooting and managing EBS volumes and EC2 instances.
Step-by-Step Guide for Remediation:
To attach an EBS volume to an EC2 instance, follow these steps:
- 1.
Open the AWS Management Console and navigate to the EC2 Dashboard.
- 2.
Select the EC2 instance to which you want to attach the EBS volume.
- 3.
Click the "Actions" button and choose "Attach Volume" from the dropdown menu.
- 4.
In the "Attach Volume" popup window, select the desired EBS volume from the dropdown menu.
- 5.
Specify the device name for the attachment, such as "/dev/sdf" or "/dev/xvdf". Make sure it does not conflict with any existing devices.
- 6.
Click "Attach" to attach the EBS volume to the EC2 instance.
- 7.
Once the EBS volume is successfully attached, you can access it from within the EC2 instance as a block storage device.
- 8.
Verify the attachment by logging into the EC2 instance and checking if the EBS volume is visible using the appropriate CLI command or file system tools.
Note: It is recommended to backup any critical data before attaching or detaching EBS volumes to prevent data loss.
These steps should help you ensure compliance with the GxP 21 CFR Part 11 regulations by properly attaching EBS volumes to EC2 instances.