Secure Data Deletion on AWS EBS Volumes: Best Practices for Sensitive Data

Question

You are working as an AWS consultant on a government project.

A local data center needs to be migrated to AWS, and EBS volumes are attached to EC2 instances as the primary storage devices. The stored data is very sensitive.

If EBS volumes are deleted, the data in them should be completely wiped out before reuse. Which action would you need to take to address the concern?

Answers

Explanations

A. B. C. D.

Answer: C.

Option A is incorrect because AWS users are assured that the data is wiped before reuse.

It is not required to replace EBS with EFS.

Option B is incorrect because, on volume deletion, AWS ensures it wipes away all the data before the volume is made available.

Customers are still encouraged to delete the data from their EBS storage before deleting those volumes.

Option C is CORRECT because no actions are required from the customer side when EBS volumes have been deleted from their end.

Before making those EBS volumes reusable/available to other customers, AWS clears the EBS volumes.

Option D is incorrect because S3 provides Object storage, whereas EBS is block storage attached to a VM.

The storage type in use cannot be changed just to solve the data deletion concern.

Reference:

https://d1.awsstatic.com/whitepapers/Security/Security_Compute_Services_Whitepaper.pdf

The correct answer to this question is B. It is the customer's responsibility to wipe out the data before deleting the EBS volumes. Tools like "shred" can be used to wipe files and partitions.

Explanation:

When EBS volumes are deleted, AWS does not guarantee that the data is completely wiped out before reuse. This is a concern when the stored data is sensitive and must be protected from unauthorized access.

The responsibility to ensure that the data is completely wiped out before deleting the EBS volumes falls on the customer. The customer must take steps to ensure that the data is completely wiped out using tools like "shred" to wipe files and partitions.

Option A is incorrect because EFS is a file storage service and is not used for wiping data. EFS does not have any features to wipe data automatically.

Option C is incorrect because AWS does not wipe the data of EBS volumes before the volumes are available for reuse. This is the responsibility of the customer.

Option D is incorrect because S3 is an object storage service and is not a replacement for EBS volumes as primary storage devices. S3 can be used to store a large amount of data, but it is not suitable for storing data that needs to be accessed frequently and with low latency.

In summary, when using EBS volumes as primary storage devices, the customer is responsible for wiping out the data before deleting the volumes using tools like "shred".
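The customer-side wipe with "shred" mentioned in the explanations above could look like the following sketch. This is an added example, not part of the original page or any AWS tooling; the function names, the marker string and the image file are constructed for the demo, and on a real instance the target would be the attached, unmounted EBS device (its device name is an assumption).

```shell
#!/usr/bin/env bash
# Added example (not from the page): overwrite a volume with shred, then verify.
# On an instance the target would be the attached EBS device (e.g. /dev/xvdf is
# an assumed name); the demo uses a constructed image file so it runs offline.

# Size in bytes of a block device or a regular file.
target_size() {
    if [ -b "$1" ]; then blockdev --getsize64 "$1"; else wc -c < "$1" | tr -d ' '; fi
}

# Succeeds if the marker string can still be read back from the target.
contains_marker() { grep -a -q -- "$2" "$1"; }

# Overwrite the target, end with a zero pass, and check that every byte is zero.
wipe_and_verify() {
    local target="$1" size
    # Refuse to wipe a device that is still mounted (Linux /proc/mounts assumed).
    if awk -v t="$target" '$1 == t { f = 1 } END { exit !f }' /proc/mounts 2>/dev/null; then
        echo "refusing: $target is mounted" >&2
        return 2
    fi
    size=$(target_size "$target") || return 1
    # -n 2: two random passes; -z: final pass of zeros; no -u, so the target is kept.
    shred -n 2 -z "$target" || return 1
    sync
    # Compare exactly $size bytes of the target against a stream of zeros.
    cmp -s -n "$size" "$target" /dev/zero
}

# Constructed demo: a 1 MiB image with a fake secret planted at offset 4096.
demo() {
    local img rc marker='CONSTRUCTED-SECRET-123'
    img=$(mktemp) || return 1
    head -c 1048576 /dev/urandom > "$img"
    printf '%s' "$marker" | dd of="$img" bs=1 seek=4096 conv=notrunc 2>/dev/null
    contains_marker "$img" "$marker" || { rm -f "$img"; return 1; }
    wipe_and_verify "$img"; rc=$?
    if contains_marker "$img" "$marker"; then rc=3; fi
    rm -f "$img"
    return "$rc"
}

demo && echo "wipe verified: target reads back as zeros"
```

The read-back comparison is the part worth keeping in a decommissioning runbook: it turns "shred was run" into a checked result that can be logged before the volume is deleted.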