EBS

• An EBS volume is a durable, block-level storage device that you can attach to your instances that have been wiped prior to being made available for use.

• After you attach a volume to an instance, you can use it as you would use a physical hard drive.

• For current-generation volumes attached to current-generation instance types, you can dynamically increase size, modify the provisioned IOPS capacity, and change volume type on live production volumes.

• You can create a file system on top of EBS volumes, or use them in any other way you would use a block device (like a hard drive).

EBS Security

• Data stored in EBS volumes is redundantly stored in multiple physical locations as part of normal operation of those services and at no additional charge.

• However, EBS replication is stored within the same availability zone, not across multiple zones; therefore, it is highly recommended that you conduct regular snapshots to S3 for long-term data durability.

• If you have procedures requiring that all data be wiped via a specific method, such as those detailed in NIST 800-88 (“Guidelines for Media Sanitization”), you have the ability to do so on EBS.

• You should conduct a specialized wipe procedure prior to deleting the volume for compliance with your established requirements.