- 최신
- 최다 투표
- 가장 많은 댓글
You can replace a root volume, but I suspect that is not what you are trying to do.
I would suggest you think about it differently. The root volume should only contain the minimal OS for meeting your requirements for the security and operational considerations you are referring to. You can specify volumes in a Launch Template using block device mappings, then use the user data to mount those volumes.
But filling the / filesystem only because some "crazy" log filled /var is not so good. Especially if you have some "legacy" application, it's not easy to redirect all logs/data on another volume and you are always at risk to forget some of them.
Monitoring logging to prevent this from happening is both a security and a reliability best practice.
That being said, you can also use symbolic links to ensure the logs are in a filesystem other than root.
I also have the same question. Is there a way to achieve this?