volumes
Creates, updates, deletes or gets a volume resource or lists volumes in a region
Overview
| Name | volumes |
| Type | Resource |
| Description | Specifies an Amazon Elastic Block Store (Amazon EBS) volume. When you use CFNlong to update an Amazon EBS volume that modifies ``Iops``, ``Size``, or ``VolumeType``, there is a cooldown period before another operation can occur. This can cause your stack to report being in ``UPDATE_IN_PROGRESS`` or ``UPDATE_ROLLBACK_IN_PROGRESS`` for long periods of time. Amazon EBS does not support sizing down an Amazon EBS volume. CFNlong does not attempt to modify an Amazon EBS volume to a smaller size on rollback. Some common scenarios when you might encounter a cooldown period for Amazon EBS include: + You successfully update an Amazon EBS volume and the update succeeds. When you attempt another update within the cooldown window, that update will be subject to a cooldown period. + You successfully update an Amazon EBS volume and the update succeeds but another change in your ``update-stack`` call fails. The rollback will be subject to a cooldown period. For more information, see [Requirements for EBS volume modifications](https://docs.aws.amazon.com/ebs/latest/userguide/modify-volume-requirements.html). *DeletionPolicy attribute* To control how CFNlong handles the volume when the stack is deleted, set a deletion policy for your volume. You can choose to retain the volume, to delete the volume, or to create a snapshot of the volume. For more information, see [DeletionPolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html). If you set a deletion policy that creates a snapshot, all tags on the volume are included in the snapshot. |
| Id | awscc.ec2.volumes |
Fields
| Name | Datatype | Description |
|---|---|---|
multi_attach_enabled | boolean | Indicates whether Amazon EBS Multi-Attach is enabled.<br />CFNlong does not currently support updating a single-attach volume to be multi-attach enabled, updating a multi-attach enabled volume to be single-attach, or updating the size or number of I/O operations per second (IOPS) of a multi-attach enabled volume. |
kms_key_id | string | The identifier of the kms-key-long to use for Amazon EBS encryption. If ``KmsKeyId`` is specified, the encrypted state must be ``true``.<br />If you omit this property and your account is enabled for encryption by default, or *Encrypted* is set to ``true``, then the volume is encrypted using the default key specified for your account. If your account does not have a default key, then the volume is encrypted using the aws-managed-key.<br />Alternatively, if you want to specify a different key, you can specify one of the following:<br />+ Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.<br />+ Key alias. Specify the alias for the key, prefixed with ``alias/``. For example, for a key with the alias ``my_cmk``, use ``alias/my_cmk``. Or to specify the aws-managed-key, use ``alias/aws/ebs``.<br />+ Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.<br />+ Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. |
encrypted | boolean | Indicates whether the volume should be encrypted. The effect of setting the encryption state to ``true`` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/ebs/latest/userguide/work-with-ebs-encr.html#encryption-by-default) in the *Amazon EBS User Guide*.<br />Encrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances). |
size | integer | The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.<br />The following are the supported volumes sizes for each volume type:<br />+ ``gp2`` and ``gp3``: 1 - 16,384 GiB<br />+ ``io1``: 4 - 16,384 GiB<br />+ ``io2``: 4 - 65,536 GiB<br />+ ``st1`` and ``sc1``: 125 - 16,384 GiB<br />+ ``standard``: 1 - 1024 GiB |
auto_enable_io | boolean | Indicates whether the volume is auto-enabled for I/O operations. By default, Amazon EBS disables I/O to the volume from attached EC2 instances when it determines that a volume's data is potentially inconsistent. If the consistency of the volume is not a concern, and you prefer that the volume be made available immediately if it's impaired, you can configure the volume to automatically enable I/O. |
outpost_arn | string | The Amazon Resource Name (ARN) of the Outpost. |
availability_zone | string | The ID of the Availability Zone in which to create the volume. For example, ``us-east-1a``.<br />Either ``AvailabilityZone`` or ``AvailabilityZoneId`` must be specified, but not both. |
throughput | integer | The throughput to provision for a volume, with a maximum of 1,000 MiB/s.<br />This parameter is valid only for ``gp3`` volumes. The default value is 125.<br />Valid Range: Minimum value of 125. Maximum value of 1000. |
iops | integer | The number of I/O operations per second (IOPS). For ``gp3``, ``io1``, and ``io2`` volumes, this represents the number of IOPS that are provisioned for the volume. For ``gp2`` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.<br />The following are the supported values for each volume type:<br />+ ``gp3``: 3,000 - 16,000 IOPS<br />+ ``io1``: 100 - 64,000 IOPS<br />+ ``io2``: 100 - 256,000 IOPS<br /><br />For ``io2`` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html). On other instances, you can achieve performance up to 32,000 IOPS.<br />This parameter is required for ``io1`` and ``io2`` volumes. The default for ``gp3`` volumes is 3,000 IOPS. This parameter is not supported for ``gp2``, ``st1``, ``sc1``, or ``standard`` volumes. |
volume_initialization_rate | integer | Specifies the Amazon EBS Provisioned Rate for Volume Initialization (volume initialization rate), in MiB/s, at which to download the snapshot blocks from Amazon S3 to the volume. This is also known as *volume initialization*. Specifying a volume initialization rate ensures that the volume is initialized at a predictable and consistent rate after creation.<br />This parameter is supported only for volumes created from snapshots. Omit this parameter if:<br />+ You want to create the volume using fast snapshot restore. You must specify a snapshot that is enabled for fast snapshot restore. In this case, the volume is fully initialized at creation.<br />If you specify a snapshot that is enabled for fast snapshot restore and a volume initialization rate, the volume will be initialized at the specified rate instead of fast snapshot restore.<br />+ You want to create a volume that is initialized at the default rate.<br /><br />For more information, see [Initialize Amazon EBS volumes](https://docs.aws.amazon.com/ebs/latest/userguide/initalize-volume.html) in the *Amazon EC2 User Guide*.<br />Valid range: 100 - 300 MiB/s |
snapshot_id | string | The snapshot from which to create the volume. You must specify either a snapshot ID or a volume size. |
volume_id | string | |
volume_type | string | The volume type. This parameter can be one of the following values:<br />+ General Purpose SSD: ``gp2`` | ``gp3``<br />+ Provisioned IOPS SSD: ``io1`` | ``io2``<br />+ Throughput Optimized HDD: ``st1``<br />+ Cold HDD: ``sc1``<br />+ Magnetic: ``standard``<br /><br />For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html).<br />Default: ``gp2`` |
tags | array | The tags to apply to the volume during creation. |
region | string | AWS region. |
For more information, see AWS::EC2::Volume.
Methods
| Name | Accessible by | Required Params |
|---|---|---|
create_resource | INSERT | AvailabilityZone, region |
delete_resource | DELETE | data__Identifier, region |
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
list_resources | SELECT | region |
get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all properties from an individual volume.
SELECT
region,
multi_attach_enabled,
kms_key_id,
encrypted,
size,
auto_enable_io,
outpost_arn,
availability_zone,
throughput,
iops,
volume_initialization_rate,
snapshot_id,
volume_id,
volume_type,
tags
FROM awscc.ec2.volumes
WHERE region = 'us-east-1' AND data__Identifier = '<VolumeId>';
INSERT example
Use the following StackQL query and manifest file to create a new volume resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.ec2.volumes (
AvailabilityZone,
region
)
SELECT
'{{ AvailabilityZone }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.ec2.volumes (
MultiAttachEnabled,
KmsKeyId,
Encrypted,
Size,
AutoEnableIO,
OutpostArn,
AvailabilityZone,
Throughput,
Iops,
VolumeInitializationRate,
SnapshotId,
VolumeType,
Tags,
region
)
SELECT
'{{ MultiAttachEnabled }}',
'{{ KmsKeyId }}',
'{{ Encrypted }}',
'{{ Size }}',
'{{ AutoEnableIO }}',
'{{ OutpostArn }}',
'{{ AvailabilityZone }}',
'{{ Throughput }}',
'{{ Iops }}',
'{{ VolumeInitializationRate }}',
'{{ SnapshotId }}',
'{{ VolumeType }}',
'{{ Tags }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: volume
props:
- name: MultiAttachEnabled
value: '{{ MultiAttachEnabled }}'
- name: KmsKeyId
value: '{{ KmsKeyId }}'
- name: Encrypted
value: '{{ Encrypted }}'
- name: Size
value: '{{ Size }}'
- name: AutoEnableIO
value: '{{ AutoEnableIO }}'
- name: OutpostArn
value: '{{ OutpostArn }}'
- name: AvailabilityZone
value: '{{ AvailabilityZone }}'
- name: Throughput
value: '{{ Throughput }}'
- name: Iops
value: '{{ Iops }}'
- name: VolumeInitializationRate
value: '{{ VolumeInitializationRate }}'
- name: SnapshotId
value: '{{ SnapshotId }}'
- name: VolumeType
value: '{{ VolumeType }}'
- name: Tags
value:
- Key: '{{ Key }}'
Value: '{{ Value }}'
DELETE example
/*+ delete */
DELETE FROM awscc.ec2.volumes
WHERE data__Identifier = '<VolumeId>'
AND region = 'us-east-1';
Permissions
To operate on the volumes resource, the following permissions are required:
Read
ec2:DescribeVolumes,
ec2:DescribeVolumeAttribute,
ec2:DescribeTags
Create
ec2:CreateVolume,
ec2:DescribeVolumes,
ec2:DescribeVolumeAttribute,
ec2:ModifyVolumeAttribute,
ec2:CreateTags,
kms:GenerateDataKeyWithoutPlaintext,
kms:CreateGrant
Update
ec2:ModifyVolume,
ec2:ModifyVolumeAttribute,
ec2:DescribeVolumeAttribute,
ec2:DescribeVolumesModifications,
ec2:DescribeVolumes,
ec2:CreateTags,
ec2:DeleteTags
List
ec2:DescribeVolumes,
ec2:DescribeTags,
ec2:DescribeVolumeAttribute
Delete
ec2:DeleteVolume,
ec2:CreateSnapshot,
ec2:DescribeSnapshots,
ec2:DeleteTags,
ec2:DescribeVolumes