As a cloud engineer team we take care of AWS env and make sure it is in compliance with the organizational policies. We use AWS Cloud Watch in combination with AWS Lambda to govern the resources according to the policies. For Ex: We trigger a Lambda Function when an Amazon Elastic Block Store(EBS) volume is created. We use CloudWatch events. It allows us to monitor and respon to EBS volumes that are of type Gp2 and convert them to GP3.
So the company policy is to use gp3 type only as it is faster and other things. So anyone who is creating an EBS will need to make gp3 itself and if they don't for any reason it should automatically trigger a event and create the right type - gp3.
1)We need to create a Lambda function
2)Create Aws cloudwatch
3)Integrate cloudwatch with Lambda function - so that lambda function gets triggered by cloudwatch when EBS volume is created.
Create a Lambda Function
Make sure to test the test-event to see if lambda function is working
Configure a CloudWatch rule to trigger a lambda function - > CloudWatch -> Events -> Rule - > Create Rule
Attach the target lambda function (ebs-volume-check)
Add the script to convert to gp3 in lambda
GO to IAM to give the role
give the actions
Now create a gp2 volume
