Restrict number of EBS volumes created by an user.

0

is it possible to restrict the number of EBS volumes created by a user? Basically, I want to restrict the number of EBS volumes/EBS volume size created by a user using ec2/ EKS. so inactive EBS volumes can be cleanup by the user.

asked a year ago303 views
3 Answers
0

Hello.

The EC2 condition key is "ec2:volumeSize".
I believe it is possible to limit the size of the volume by using this.
https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2.html#amazonec2-policy-keys

Perhaps the answer you are seeking is the one listed on stackoverflow.
https://stackoverflow.com/questions/49104681/how-to-limit-ec2-ebs-volume-size-for-ec2runinstances-in-iam-policy

However, there was no conditional key limiting the number of volumes.

profile picture
EXPERT
answered a year ago
  • Hello,

    I'm interested in setting restrictions on the cumulative size of EBS volumes generated by a specific user. Essentially, I aim to enforce a quota for this user, ensuring they do not exceed a total of X EBS volumes or Y cumulative size of EBS volumes. I believe the provided link talks about limit on 1 EBS volume can be created.

0

Hello,

I'm interested in setting restrictions on the cumulative size of EBS volumes generated by a specific user. Essentially, I aim to enforce a quota for this user, ensuring they do not exceed a total of X EBS volumes or Y cumulative size of EBS volumes. I believe the provided link talks about limit on 1 EBS volume can be created.

answered a year ago
0

As far as I know to enforce quotas on the cumulative size or total count of EBS volumes, you would typically need to implement a custom solution. Heres several possible approaches to achieve this:

  • Implement a monitoring system that tracks the EBS volumes created by each user and calculates the cumulative size.
  • Develop a custom system or script that periodically checks the usage against predefined quotas. This system can compare the cumulative size and total count of EBS volumes against the user's quota.
  • Set up an alert and actions for when a user exceeds their quota. You can trigger actions like notifying the user, suspending their IAM permissions for EBS volume creation, or initiating cleanup processes.
  • Implement automated policies or processes to remove or resize EBS volumes when users exceed their quotas. Ensure that you have a well-defined policy for which volumes to remove or resize, and consider backup and data retention requirements.
  • Adjust the user's IAM permissions to limit their ability to create or modify EBS volumes once they reach their quota.
profile pictureAWS
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions