MountableBlockVolume

class aws_rfdk.MountableBlockVolume(scope, *, block_volume, extra_mount_options=None, volume_format=None)

Bases: object

This class encapsulates scripting that can be used by an instance to mount, format, and resize an Amazon Elastic Block Store (EBS) Volume to itself when it is launched.

The scripting is added to the instance’s UserData to be run when the instance is first launched.

The script that is employed by this class will:

  1. Attach the volume to this instance if it is not already attached;

  2. Format the block volume to the filesystem format that's passed as an argument to this script, but ONLY IF the filesystem has no current format;

  3. Mount the volume to the given mount point with the given mount options; and

  4. Resize the filesystem on the volume if the volume is larger than the formatted filesystem size.

Note: This does NOT support multiple partitions on the EBS Volume; the script will exit with a failure code when it detects multiple partitions on the device. It is expected that the whole block device is a single partition.

Security Considerations

  • Using this construct on an instance will result in that instance dynamically downloading and running scripts from your CDK bootstrap bucket when that instance is launched. You must limit write access to your CDK bootstrap bucket to prevent an attacker from modifying the actions performed by these scripts. We strongly recommend that you either enable Amazon S3 server access logging on your CDK bootstrap bucket, or enable AWS CloudTrail on your account to assist in post-incident analysis of compromised production environments.
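
One way to review the bootstrap bucket's resource policy for unexpected writers, as an added example (not part of RFDK or the AWS CDK). The policy, account IDs, role name and bucket name are constructed placeholders, and the function names are hypothetical:

```python
import json
from fnmatch import fnmatchcase

# S3 actions that let a principal replace or remove the scripts (or loosen the policy).
WRITE_ACTIONS = ("s3:putobject", "s3:deleteobject", "s3:deleteobjectversion",
                 "s3:putobjectacl", "s3:putbucketpolicy")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _principals(stmt):
    principal = stmt.get("Principal", {})
    if isinstance(principal, str):          # "Principal": "*"
        return [principal]
    return [p for v in principal.values() for p in _as_list(v)]

def _grants_write(action):
    # IAM action names are case-insensitive and may contain wildcards ("s3:Put*", "*").
    return any(fnmatchcase(w, action.lower()) for w in WRITE_ACTIONS)

def unexpected_writers(policy_json, allowed_principals):
    """List (Sid, principal, action) for Allow statements giving write access
    to a principal outside allowed_principals. Limitation: NotAction,
    NotPrincipal, Condition and identity-based IAM policies are not evaluated."""
    findings = []
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        writes = [a for a in _as_list(stmt.get("Action", [])) if _grants_write(a)]
        for principal in _principals(stmt):
            if principal not in allowed_principals:
                findings += [(stmt.get("Sid", "<no Sid>"), principal, a) for a in writes]
    return findings

# Constructed sample policy; account IDs, role and bucket names are placeholders.
DEPLOY_ROLE = "arn:aws:iam::111122223333:role/example-cdk-deploy-role"
BUCKET_OBJECTS = "arn:aws:s3:::example-bootstrap-bucket/*"
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "DeployRoleWrite", "Effect": "Allow", "Principal": {"AWS": DEPLOY_ROLE},
     "Action": ["s3:PutObject", "s3:GetObject"], "Resource": BUCKET_OBJECTS},
    {"Sid": "PartnerUpload", "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::444455556666:root"},
     "Action": "s3:Put*", "Resource": BUCKET_OBJECTS},
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": BUCKET_OBJECTS},
    {"Sid": "DenyInsecure", "Effect": "Deny", "Principal": "*",
     "Action": "s3:*", "Resource": BUCKET_OBJECTS},
]})

if __name__ == "__main__":
    for sid, principal, action in unexpected_writers(SAMPLE_POLICY, {DEPLOY_ROLE}):
        print(f"{sid}: {principal} may {action}")
```

The check covers only the bucket's resource policy; write access granted through IAM identity policies has to be reviewed separately.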

Remark

If using this script with an instance within an AWS Auto Scaling Group (ASG) and you resize the EBS volume, then you can terminate the instance to let the ASG replace the instance and benefit from the larger volume size when this script resizes the filesystem on instance launch.

Parameters
  • scope (Construct) –

  • block_volume (IVolume) – The EBS Block Volume (https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.Volume.html) that will be mounted by this object.

  • extra_mount_options (Optional[Sequence[str]]) – Extra mount options that will be added to /etc/fstab for the file system. See the Linux man page for mounting the Volume's file system type for information on available options. The given values will be joined together into a single string by commas. Example: ['soft', 'rsize=4096'] will become 'soft,rsize=4096'. Default: No extra options.

  • volume_format (Optional[BlockVolumeFormat]) – The filesystem format of the block volume. Default: BlockVolumeFormat.XFS

Methods

mount_to_linux_instance(target, *, location, permissions=None)

Mount the filesystem to the given instance at instance startup.

This is accomplished by adding scripting to the UserData of the instance to mount the filesystem on startup. If required, the instance’s security group is granted ingress to the filesystem’s security group on the required ports.

Parameters
  • target (IMountingInstance) –

  • location (str) – Directory for the mount point.

  • permissions (Optional[MountPermissions]) – File permissions for the mounted filesystem. Default: MountPermissions.READWRITE

Return type

None

uses_user_posix_permissions()

Returns whether the mounted file-system evaluates the UID/GID of the system user accessing the file-system.

Some network file-systems provide features to fix a UID/GID for all access to the mounted file-system and ignore the system user accessing the file. If this is the case, an implementing class must indicate this in the return value.

Return type

bool