Volume¶
-
class
aws_cdk.aws_ec2.
Volume
(scope, id, *, availability_zone, auto_enable_io=None, enable_multi_attach=None, encrypted=None, encryption_key=None, iops=None, size=None, snapshot_id=None, volume_name=None, volume_type=None)¶ Bases:
aws_cdk.core.Resource
Creates a new EBS Volume in AWS EC2.
- Parameters
scope (
Construct
) –id (
str
) –availability_zone (
str
) – The Availability Zone in which to create the volume.auto_enable_io (
Optional
[bool
]) – Indicates whether the volume is auto-enabled for I/O operations. By default, Amazon EBS disables I/O to the volume from attached EC2 instances when it determines that a volume’s data is potentially inconsistent. If the consistency of the volume is not a concern, and you prefer that the volume be made available immediately if it’s impaired, you can configure the volume to automatically enable I/O. Default: falseenable_multi_attach (
Optional
[bool
]) – Indicates whether Amazon EBS Multi-Attach is enabled. See {@link https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volumes-multi.html#considerations|Considerations and limitations} for the constraints of multi-attach. Default: falseencrypted (
Optional
[bool
]) – Specifies whether the volume should be encrypted. The effect of setting the encryption state to true depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see {@link https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default|Encryption by Default} in the Amazon Elastic Compute Cloud User Guide. Encrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see {@link https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances|Supported Instance Types.} Default: falseencryption_key (
Optional
[IKey
]) – The customer-managed encryption key that is used to encrypt the Volume. The encrypted property must be true if this is provided. Note: If using an {@link aws-kms.IKey} created from a {@link aws-kms.Key.fromKeyArn()} here, then the KMS key must have the following in its Key policy; otherwise, the Volume will fail to create:: { “Effect”: “Allow”, “Principal”: { “AWS”: “<arn for your account-user> ex: arn:aws:iam::00000000000:root” }, “Resource”: “*”, “Action”: [ “kms:DescribeKey”, “kms:GenerateDataKeyWithoutPlainText”, ], “Condition”: { “StringEquals”: { “kms:ViaService”: “ec2.<Region>.amazonaws.com”, (eg: ec2.us-east-1.amazonaws.com) “kms:CallerAccount”: “0000000000” (your account ID) } } } Default: The default KMS key for the account, region, and EC2 service is used.iops (
Union
[int
,float
,None
]) – The number of I/O operations per second (IOPS) to provision for the volume, with a maximum ratio of 50 IOPS/GiB. See {@link https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html#EBSVolumeTypes_piops|Provisioned IOPS SSD (io1) volumes} for more information. This parameter is valid only for PROVISIONED_IOPS_SSD volumes. Default: None – Required for {@link EbsDeviceVolumeType.PROVISIONED_IOPS_SSD}size (
Optional
[Size
]) – The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. See {@link https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html#ebs-volume-characteristics|Volume Characteristics} for details on the allowable size for each type of volume. Default: If you’re creating the volume from a snapshot and don’t specify a volume size, the default is the snapshot size.snapshot_id (
Optional
[str
]) – The snapshot from which to create the volume. You must specify either a snapshot ID or a volume size. Default: The EBS volume is not created from a snapshot.volume_name (
Optional
[str
]) – The value of the physicalName property of this resource. Default: The physical name will be allocated by CloudFormation at deployment timevolume_type (
Optional
[EbsDeviceVolumeType
]) – The type of the volume; what type of storage to use to form the EBS Volume. Default: {@link EbsDeviceVolumeType.GENERAL_PURPOSE_SSD}
Methods
-
grant_attach_volume
(grantee, instances=None)¶ Grants permission to attach this Volume to an instance.
CAUTION: Granting an instance permission to attach to itself using this method will lead to an unresolvable circular reference between the instance role and the instance. Use {@link IVolume.grantAttachVolumeToSelf} to grant an instance permission to attach this volume to itself.
- Parameters
grantee (
IGrantable
) –instances (
Optional
[List
[IInstance
]]) –
- Return type
-
grant_attach_volume_by_resource_tag
(grantee, constructs, tag_key_suffix=None)¶ Grants permission to attach the Volume by a ResourceTag condition.
If you are looking to grant an Instance, AutoScalingGroup, EC2-Fleet, SpotFleet, ECS host, etc the ability to attach this volume to itself then this is the method you want to use.
This is implemented by adding a Tag with key
VolumeGrantAttach-<suffix>
to the given constructs and this Volume, and then conditioning the Grant such that the grantee is only given the ability to AttachVolume if both the Volume and the destination Instance have that tag applied to them.- Parameters
grantee (
IGrantable
) –constructs (
List
[Construct
]) –tag_key_suffix (
Optional
[str
]) –
- Return type
-
grant_detach_volume
(grantee, instances=None)¶ Grants permission to detach this Volume from an instance CAUTION: Granting an instance permission to detach from itself using this method will lead to an unresolvable circular reference between the instance role and the instance.
Use {@link IVolume.grantDetachVolumeFromSelf} to grant an instance permission to detach this volume from itself.
- Parameters
grantee (
IGrantable
) –instances (
Optional
[List
[IInstance
]]) –
- Return type
-
grant_detach_volume_by_resource_tag
(grantee, constructs, tag_key_suffix=None)¶ Grants permission to detach the Volume by a ResourceTag condition.
This is implemented via the same mechanism as {@link IVolume.grantAttachVolumeByResourceTag}, and is subject to the same conditions.
- Parameters
grantee (
IGrantable
) –constructs (
List
[Construct
]) –tag_key_suffix (
Optional
[str
]) –
- Return type
-
to_string
()¶ Returns a string representation of this construct.
- Return type
str
Attributes
-
availability_zone
¶ us-west-2a).
- Type
The availability zone that the EBS Volume is contained within (ex
- Return type
str
-
encryption_key
¶ The customer-managed encryption key that is used to encrypt the Volume.
- Return type
Optional
[IKey
]
-
env
¶ The environment this resource belongs to.
For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
- Return type
-
node
¶ The construct tree node associated with this construct.
- Return type
-
volume_id
¶ The EBS Volume’s ID.
- Return type
str
Static Methods
-
classmethod
from_volume_attributes
(scope, id, *, availability_zone, volume_id, encryption_key=None)¶ Import an existing EBS Volume into the Stack.
- Parameters
scope (
Construct
) – the scope of the import.id (
str
) – the ID of the imported Volume in the construct tree.availability_zone (
str
) – The availability zone that the EBS Volume is contained within (ex: us-west-2a).volume_id (
str
) – The EBS Volume’s ID.encryption_key (
Optional
[IKey
]) – The customer-managed encryption key that is used to encrypt the Volume. Default: None – The EBS Volume is not using a customer-managed KMS key for encryption.
- Return type
-
classmethod
is_construct
(x)¶ Return whether the given object is a Construct.
- Parameters
x (
Any
) –- Return type
bool