You can replace a root volume, but I suspect that is not what you are trying to do.
I would suggest you think about it differently. The root volume should only contain the minimal OS for meeting your requirements for the security and operational considerations you are referring to. You can specify volumes in a Launch Template using block device mappings, then use the user data to mount those volumes.
But filling the / filesystem only because some "crazy" log filled /var is not so good. Especially if you have some "legacy" application, it's not easy to redirect all logs/data to another volume, and you are always at risk of forgetting some of them.
Monitoring logging to prevent this from happening is both a security and a reliability best practice.
That being said, you can also use symbolic links to ensure the logs are in a filesystem other than root.
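
Added example (not part of the original thread and not AWS-provided code): a user data sketch for the approach in the answer above, mounting a volume declared in the Launch Template's block device mappings at /var/log so a runaway log cannot fill /. The device name /dev/sdf, the ext4 filesystem, the mount options and the function names are assumptions.

```shell
#!/bin/bash
# Added example: mount a secondary EBS volume at /var/log from user data.
# Assumption: the launch template maps the volume as /dev/sdf. On Nitro
# instances it appears as an NVMe device, so set DEVICE accordingly.
DEVICE="${DEVICE:-/dev/sdf}"
MOUNT_POINT="${MOUNT_POINT:-/var/log}"

# Succeed only when $1 sits on a different filesystem than /
# (compares device IDs, so bind mounts and symlink targets are handled).
on_separate_fs() {
  [ "$(stat -c %d "$1")" != "$(stat -c %d /)" ]
}

# Build the fstab line. nofail lets the instance boot if the volume is
# missing; nodev, nosuid and noexec because a log volume needs none of them.
fstab_line() {
  printf 'UUID=%s %s ext4 defaults,nofail,nodev,nosuid,noexec 0 2\n' "$1" "$2"
}

apply() {
  set -eu
  # Format only a blank volume so a reattached volume keeps its data.
  blkid "$DEVICE" >/dev/null 2>&1 || mkfs.ext4 -q "$DEVICE"
  uuid="$(blkid -s UUID -o value "$DEVICE")"
  mkdir -p "$MOUNT_POINT"
  # Idempotent: add the entry once, keyed on the filesystem UUID.
  grep -q "UUID=$uuid " /etc/fstab ||
    fstab_line "$uuid" "$MOUNT_POINT" >> /etc/fstab
  # Mounting hides any files already under the mount point on /.
  mount "$MOUNT_POINT"
  # Fail loudly if the logs would still land on the root filesystem.
  on_separate_fs "$MOUNT_POINT" || {
    echo "$MOUNT_POINT is still on the root filesystem" >&2
    exit 1
  }
}

# Guarded so that sourcing or a plain run changes nothing. In real user
# data, which runs as root without arguments, call apply directly.
if [ "${1:-}" = "--apply" ]; then apply; fi
```

The same `on_separate_fs` check can be pointed at the target of a symbolic link to confirm that a relocated log directory really left the root filesystem.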