Amazon EBS volumes provide reliable block-level storage for EC2 instances, but unused volumes can accumulate over time, increasing costs.
AWS Config helps you continuously monitor resource configurations and evaluate them against predefined rules, enabling proactive governance and cost optimization. In this Cloud Lab, you’ll learn how AWS Config identifies unused EBS volumes and how automated remediation actions help you manage them efficiently.
In this hands-on Cloud Lab, you’ll prepare the environment for AWS Config by first creating an S3 bucket with the required bucket policy and setting up an Amazon SNS topic for notifications.
Next, you’ll provision an EBS volume that remains in the available state, allowing it to be evaluated. The main focus of the Coud Lab is on enabling AWS Config recording and adding the ec2-volume-inuse-check rule to identify unused EBS volumes.
After configuring AWS Config, you’ll add the AWSConfigRemediation-DeleteUnusedEBSVolume automatic remediation of the rule.
When you evaluate the rule, any noncompliant EBS volumes will be detected, and the remediation will automatically create a snapshot of each volume before deleting it. After completing this Cloud Lab, you will understand how AWS Config works behind the scenes, how to implement automated governance workflows, and how to use AWS Systems Manager Automation to enforce resource compliance. These skills will enable you to design more secure, controlled, and cost-effective cloud environments.
Below is the high-level architecture diagram of the infrastructure you’ll create in this Cloud Lab:
