AWS EBS Volumes Attached To Stopped EC2 Instances

Rule Description

Rule Code: AWS-EBS-03

Identify any AWS Elastic Block Store (EBS) volumes that are currently attached to stopped EC2 instances.

Consider to remove them if the instances are no longer needed.

Audit / Verification

Step 01: Sign in to the AWS Management Console.

AWS Console login

Step 02: Access to EC2 dashboard. Select Volume under ELASTIC BLOCK STORE section

Navigate EC2
Navigate EBS

Step 03: Choose the EBS volume that you need to check. Navigate the Description tab and click the EC2 instance identifier (ID) listed as value for the Attachment information attribute to redirect to the Instances page.

Step 04: Check the current state of the EC2 instance associated with the selected EBS volume

  • If the current state of the instance is set to stopped, the selected EBS volume is attached to a stopped AWS EC2 instance

Step 05: Repeat steps no. 4 – 6 to determine the usage status for other Amazon EBS volumes provisioned in the current region.

Step 06: Switch to the other AWS regions and follow the same above audit process.