aws-cdk-lib.aws_ec2.IVolume

interface IVolume

LanguageType name
.NETAmazon.CDK.AWS.EC2.IVolume
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsec2#IVolume
Javasoftware.amazon.awscdk.services.ec2.IVolume
Pythonaws_cdk.aws_ec2.IVolume
TypeScript (source)aws-cdk-lib » aws_ec2 » IVolume

Implemented by Volume

Obtainable from Volume.fromVolumeAttributes()

An EBS Volume in AWS EC2.

Properties

NameTypeDescription
availabilityZonestringThe availability zone that the EBS Volume is contained within (ex: us-west-2a).
envResourceEnvironmentThe environment this resource belongs to.
nodeNodeThe tree node.
stackStackThe stack in which this resource is defined.
volumeIdstringThe EBS Volume's ID.
encryptionKey?IKeyThe customer-managed encryption key that is used to encrypt the Volume.

availabilityZone

Type: string

The availability zone that the EBS Volume is contained within (ex: us-west-2a).


env

Type: ResourceEnvironment

The environment this resource belongs to.

For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.


node

Type: Node

The tree node.


stack

Type: Stack

The stack in which this resource is defined.


volumeId

Type: string

The EBS Volume's ID.


encryptionKey?

Type: IKey (optional)

The customer-managed encryption key that is used to encrypt the Volume.

Methods

NameDescription
applyRemovalPolicy(policy)Apply the given removal policy to this resource.
grantAttachVolume(grantee, instances?)Grants permission to attach this Volume to an instance.
grantAttachVolumeByResourceTag(grantee, constructs, tagKeySuffix?)Grants permission to attach the Volume by a ResourceTag condition.
grantDetachVolume(grantee, instances?)Grants permission to detach this Volume from an instance CAUTION: Granting an instance permission to detach from itself using this method will lead to an unresolvable circular reference between the instance role and the instance.
grantDetachVolumeByResourceTag(grantee, constructs, tagKeySuffix?)Grants permission to detach the Volume by a ResourceTag condition.

applyRemovalPolicy(policy)

public applyRemovalPolicy(policy: RemovalPolicy): void

Parameters

  • policy RemovalPolicy

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).


grantAttachVolume(grantee, instances?)

public grantAttachVolume(grantee: IGrantable, instances?: IInstance[]): Grant

Parameters

  • grantee IGrantable — the principal being granted permission.
  • instances IInstance[] — the instances to which permission is being granted to attach this volume to.

Returns

  • Grant

Grants permission to attach this Volume to an instance.

CAUTION: Granting an instance permission to attach to itself using this method will lead to an unresolvable circular reference between the instance role and the instance. Use IVolume.grantAttachVolumeToSelf to grant an instance permission to attach this volume to itself.


grantAttachVolumeByResourceTag(grantee, constructs, tagKeySuffix?)

public grantAttachVolumeByResourceTag(grantee: IGrantable, constructs: Construct[], tagKeySuffix?: string): Grant

Parameters

  • grantee IGrantable — the principal being granted permission.
  • constructs Construct[] — The list of constructs that will have the generated resource tag applied to them.
  • tagKeySuffix string — A suffix to use on the generated Tag key in place of the generated hash value.

Returns

  • Grant

Grants permission to attach the Volume by a ResourceTag condition.

If you are looking to grant an Instance, AutoScalingGroup, EC2-Fleet, SpotFleet, ECS host, etc the ability to attach this volume to itself then this is the method you want to use.

This is implemented by adding a Tag with key VolumeGrantAttach-<suffix> to the given constructs and this Volume, and then conditioning the Grant such that the grantee is only given the ability to AttachVolume if both the Volume and the destination Instance have that tag applied to them.


grantDetachVolume(grantee, instances?)

public grantDetachVolume(grantee: IGrantable, instances?: IInstance[]): Grant

Parameters

  • grantee IGrantable — the principal being granted permission.
  • instances IInstance[] — the instances to which permission is being granted to detach this volume from.

Returns

  • Grant

Grants permission to detach this Volume from an instance CAUTION: Granting an instance permission to detach from itself using this method will lead to an unresolvable circular reference between the instance role and the instance.

Use IVolume.grantDetachVolumeFromSelf to grant an instance permission to detach this volume from itself.


grantDetachVolumeByResourceTag(grantee, constructs, tagKeySuffix?)

public grantDetachVolumeByResourceTag(grantee: IGrantable, constructs: Construct[], tagKeySuffix?: string): Grant

Parameters

  • grantee IGrantable — the principal being granted permission.
  • constructs Construct[] — The list of constructs that will have the generated resource tag applied to them.
  • tagKeySuffix string — A suffix to use on the generated Tag key in place of the generated hash value.

Returns

  • Grant

Grants permission to detach the Volume by a ResourceTag condition.

This is implemented via the same mechanism as IVolume.grantAttachVolumeByResourceTag, and is subject to the same conditions.