AWS Hands-On | EC2 Instance Storage | EBS Snapshots & Multi-Attach

📌 Notice

This is a hands-on tutorial accompanying the blog post:

“Pass the AWS Certified Solutions Architect Associate Certification SAA-C03-(Episode 6: EC2 Instance Storage)”

🔹 Focus: Practical implementation of EBS Snapshots & Multi Attach.
🔹 For theoretical concepts and exam-style questions, please refer to the main blog post (link to parent blog).

Here’s a step-by-step explanation of the EBS Snapshots & Multi-Attach

1. Creating an EBS Snapshot

AWS Console Steps:

1. Go to EC2 Dashboard

• Navigate to Elastic Block Store > Volumes.

2. Select the EBS Volume

• Check the volume you want to back up.

• Create Snapshot
• Click Actions > Create snapshot.
• Configure Snapshot
• Description: (Optional) e.g., prod-db-backup-2024
• Tags: Add Name or Backup-Type for organization.
• Click “Create Snapshot”

• The snapshot will appear under Elastic Block Store > Snapshots.

Best Practices:

• No need to detach volume, but ensure minimal writes during snapshotting.
• Use Archive Tier (75% cheaper) for long-term backups (restore takes 24–72 hrs).
• Enable Recycle Bin to recover accidentally deleted snapshots.

2. Copying Snapshots Across AZ/Region

• Go to EC2 > Snapshots
• Select Snapshot : Click Actions > Copy snapshot.

• Configure Destination
• Destination Region: Select target AWS region.
• Description: (Optional) e.g., DR-copy-us-west-2.
• Click “Copy Snapshot”
• The copied snapshot will appear in the destination region.

Use Cases:

• Disaster Recovery (DR): Keep backups in another region.
• Migration: Move data to a new AWS region.

3. Restoring a Snapshot to a New Volume

• Go to EC2 > Snapshots
• Select Snapshot > Click Actions > Create volume.

• Configure Volume
• Volume Type: Choose gp3, io1, or io2 (for Multi-Attach).

• Size: Can be ≥ original (but not smaller).
• Availability Zone: Must match target EC2 instance’s AZ.
• Click “Create Volume”
• The new volume appears under EBS > Volumes.

4. Attach to an EC2 Instance:

1. Select the new volume > Actions > Attach volume.
2. Choose the Instance ID and specify a device name (e.g., /dev/sdf).

Move Snapshot to Archive Tier (75% cheaper)

Find your snapshot:

• In the EC2 console, go to “Snapshots” under “Elastic Block Store”
• Select the snapshot you want to archive

Modify tier:

• Click “Actions” → “Archive snapshot”
• Confirm the action in the dialog box

Verify:

• The snapshot’s “Storage tier” will change to “Archive”
• Note that restores from Archive take 24–72 hours

Enable Recycle Bin for Snapshots

Navigate to Recycle Bin:

• In the EC2 console, goto snapshot, find “Recycle Bin” in the left navigation top pane

Create retention rule:

• Click “Create retention rule”
• Configure:

1. Retention rule name : eg — demo-rule
2. Resource type: “EBS Snapshots”
3. Retention period: Set between 1 day to 1 year
4. (Optional) Add filters for specific snapshots

• Click “Create rule”

Verify deleted snapshots:

• When you delete a snapshot matching your rule, it will appear in Recycle Bin
• You can recover it during the retention period

Enable Fast Snapshot Restore (FSR)

Navigate to Fast Snapshot Restore:

• In the EC2 console, find “Fast Snapshot Restore” under “Elastic Block Store”

Create FSR:

• Click “Manage Fast Snapshot Restore”
• Select the snapshot you want to enable FSR for
• Select the Availability Zones where you want FSR enabled
• Click “Enable”

Monitor status:

• The status will change from “enabling” to “enabled” (may take several minutes)
• Once enabled, any volume created from this snapshot in the specified AZs will have no latency on first use

EBS Multi-Attach — io1/io2 family

📌 Prerequisites

1. Volume Type: Only io1 or io2 (including io2 Block Express) support Multi-Attach.
2. File System: Requires a cluster-aware file system (e.g., XFS, GFS2, or OCFS2) to avoid corruption.
3. Instance OS: Linux or Windows (with proper file system support).
4. Same AZ: All EC2 instances must be in the same Availability Zone as the volume.

🔧 Step 1: Create a Multi-Attach Enabled EBS Volume

https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volumes-multi.html?icmpid=docs_ec2_console

1. Go to EC2 Dashboard → Volumes → Create Volume.
2. Configure:

• Volume Type: io1 or io2
• Size: (Minimum 4 GiB for io1, 4 GiB for io2)
• IOPS: Set based on workload (e.g., 1000 IOPS for io1, 500 IOPS for io2)
• Availability Zone: Select the AZ where your EC2 instances are.
• Multi-Attach: Enable (Checkbox)
• (Optional) Encryption: Enable if needed.

3. Click Create Volume.

🔧 Step 2: Attach Volume to Multiple EC2 Instances

1. Go to EC2 Dashboard → Volumes → Select your Multi-Attach volume.
2. Click Actions → Attach Volume.
3. Select Instance 1, choose a device name (e.g., /dev/sdf), and click Attach.
4. Repeat for Instance 2, Instance 3, etc. (up to 16 instances).

• Each instance must have a unique device name (e.g., /dev/sdg, /dev/sdh).

Note : The EC2 instance only visible if volume and instance are in same availability zone

🔐 Step 1: Create a Snapshot of the Unencrypted Volume

1. Go to EC2 Dashboard → Elastic Block Store → Volumes.
2. Select the unencrypted volume you want to encrypt.
3. Click Actions → Create Snapshot.
4. Enter a description (e.g., “Pre-encryption backup”).

Click Create Snapshot. (Wait for the snapshot status to change from pending to completed.)

🔏 Step 2: Encrypt the Snapshot (Using Copy)

1. Go to EC2 Dashboard → Elastic Block Store → Snapshots.
2. Select the unencrypted snapshot you just created.
3. Click Actions → Copy Snapshot.
4. Configure:

• Destination Region: Same as source (or different if needed).
• Encryption: Enable.
• KMS Key: Choose AWS-managed key (aws/ebs) or a custom KMS key.

Click Copy Snapshot. (Wait for the encrypted copy to complete. Check the “Encrypted” column.)

🔄 Step 3: Create a New Encrypted Volume from the Snapshot

1. Go to EC2 Dashboard → Elastic Block Store → Snapshots.
2. Select the encrypted snapshot you created.
3. Click Actions → Create Volume.
4. Configure:

• Volume Type: Same as original (e.g., gp3, io1).
• Size: Same or modify if needed.
• Availability Zone: Same as your EC2 instance (critical for attachment).
• Encryption: Already enabled (inherited from snapshot).

Click Create Volume.

⚡ Step 4: Attach the Encrypted Volume to Your Instance

1. Go to EC2 Dashboard → Volumes.
2. Select the new encrypted volume.
3. Click Actions → Attach Volume.
4. Select:

• Instance: Your original EC2 instance.
• Device name: Same as before (e.g., /dev/sdf).

Click Attach Volume.

🛠️ Step 5: Verify Encryption & Data Integrity

1. SSH into your EC2 instance.
2. Check if the volume is attached:

lsblk

• Mount the volume (if not auto-mounted):

sudo mount /dev/xvdf /mnt/data

1. Verify files are intact.

♻️ (Optional) Clean Up Old Resources

1. Detach & delete the old unencrypted volume (if no longer needed).
2. Delete the unencrypted snapshot (if no backups required).

To stay informed on the latest technical insights and tutorials, connect with me on Medium and LinkedIn. For professional inquiries or technical discussions, please contact me via email. I welcome the opportunity to engage with fellow professionals and address any questions you may have.