Rule Description
Rule Code: AWS-EBS-03
Identify any AWS Elastic Block Store (EBS) volumes that are currently attached to stopped EC2 instances.
Consider to remove them if the instances are no longer needed.
Audit / Verification
Step 01: Sign in to the AWS Management Console.
Step 02: Access to EC2 dashboard. Select Volume under ELASTIC BLOCK STORE section
Step 03: Choose the EBS volume that you need to check. Navigate the Description tab and click the EC2 instance identifier (ID) listed as value for the Attachment information attribute to redirect to the Instances page.
Step 04: Check the current state of the EC2 instance associated with the selected EBS volume
- If the current state of the instance is set to stopped, the selected EBS volume is attached to a stopped AWS EC2 instance
Step 05: Repeat steps no. 4 – 6 to determine the usage status for other Amazon EBS volumes provisioned in the current region.
Step 06: Switch to the other AWS regions and follow the same above audit process.