EbsDeviceOptions

class aws_cdk.aws_ec2.EbsDeviceOptions(*, delete_on_termination=None, iops=None, volume_type=None, encrypted=None, kms_key=None)

Bases: EbsDeviceOptionsBase

Block device options for an EBS volume.

Parameters:
  • delete_on_termination (Optional[bool]) – Indicates whether to delete the volume when the instance is terminated. Default: - true for Amazon EC2 Auto Scaling, false otherwise (e.g. EBS)

  • iops (Union[int, float, None]) – The number of I/O operations per second (IOPS) to provision for the volume. Must only be set for volumeType: EbsDeviceVolumeType.IO1 The maximum ratio of IOPS to volume size (in GiB) is 50:1, so for 5,000 provisioned IOPS, you need at least 100 GiB storage on the volume. Default: - none, required for EbsDeviceVolumeType.IO1

  • volume_type (Optional[EbsDeviceVolumeType]) – The EBS volume type. Default: EbsDeviceVolumeType.GENERAL_PURPOSE_SSD or EbsDeviceVolumeType.GENERAL_PURPOSE_SSD_GP3 if @aws-cdk/aws-ec2:ebsDefaultGp3Volume is enabled.

  • encrypted (Optional[bool]) – Specifies whether the EBS volume is encrypted. Encrypted EBS volumes can only be attached to instances that support Amazon EBS encryption Default: false

  • kms_key (Optional[IKey]) – The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption. You have to ensure that the KMS CMK has the correct permissions to be used by the service launching the ec2 instances. Default: - If encrypted is true, the default aws/ebs KMS key will be used.

ExampleMetadata:

fixture=with-vpc infused

Example:

host = ec2.BastionHostLinux(self, "BastionHost",
    vpc=vpc,
    block_devices=[ec2.BlockDevice(
        device_name="/dev/sdh",
        volume=ec2.BlockDeviceVolume.ebs(10,
            encrypted=True
        )
    )]
)

Attributes

delete_on_termination

Indicates whether to delete the volume when the instance is terminated.

Default:
  • true for Amazon EC2 Auto Scaling, false otherwise (e.g. EBS)

encrypted

Specifies whether the EBS volume is encrypted.

Encrypted EBS volumes can only be attached to instances that support Amazon EBS encryption

Default:

false

See:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances

iops

The number of I/O operations per second (IOPS) to provision for the volume.

Must only be set for volumeType: EbsDeviceVolumeType.IO1

The maximum ratio of IOPS to volume size (in GiB) is 50:1, so for 5,000 provisioned IOPS, you need at least 100 GiB storage on the volume.

Default:
  • none, required for EbsDeviceVolumeType.IO1

See:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html

kms_key

The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.

You have to ensure that the KMS CMK has the correct permissions to be used by the service launching the ec2 instances.

Default:
  • If encrypted is true, the default aws/ebs KMS key will be used.

See:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#ebs-encryption-requirements

volume_type

The EBS volume type.

Default:

EbsDeviceVolumeType.GENERAL_PURPOSE_SSD or EbsDeviceVolumeType.GENERAL_PURPOSE_SSD_GP3 if @aws-cdk/aws-ec2:ebsDefaultGp3Volume is enabled.

See:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html