Partitioning the EBS Root Volume of an AWS EC2 Instance


One of the few things I do not like about the AWS EC2 service is that all available images (AMIs) used to to launch new instances have a single partition where the root filesystem is mounted on. In my opinion, this approach is not appropriate, there are also a few security standards requiring specific partitioning.

Is there some doc about creating an instance/AMI (by Terraform or CloudFormation or Packer) with a good partitioning scheme?

asked 12 days ago33 views
1 Answer

You can replace a root volume, but I suspect that is not what you are trying to do.

I would suggest you think about it differently. The root volume should only contain the minimal OS for meeting your requirements for the security and operational considerations you are referring to. You can specify volumes in a Launch Template using block device mappings, then use the user data to mount those volumes.

profile picture
answered 12 days ago
  • But filling the / filesystem only because some "crazy" log filled /var is not so good. Especially if you have some "legacy" application, it's not easy to redirect all logs/data on another volume and you are always at risk to forget some of them.

  • Monitoring logging to prevent this from happening is both a security and a reliability best practice.

    That being said, you can also use symbolic links to ensure the logs are in a filesystem other than root.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions