Amazon Elastic Block Storage
Least Privileged User
Navigate to the AWS console and create an IAM user with programmatic access. The user will need the following permissions. You can create a policy specifically for these permissions and apply the permissions to the user.
For more information, see: High Level AWS Source Configuration
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"ec2:DescribeVolumeStatus",
"ec2:DescribeVolumes",
"ec2:DescribeVolumesModifications",
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics",
"ec2:DescribeVolumeAttribute"
],
"Resource": "*"
}
]
}
Connection Parameters
| Name | Required? | Description |
|---|---|---|
| Region | ||
| Access Key ID | Required | |
| Secret Access Key | Required | |
| Additional Threads | The number of additional threads allowed to be utilized during collection. | |
| Request Timeout (seconds) | The number of seconds to allow for the API to return a response. | |
| Collect CloudWatch Metrics | ||
| CloudWatch Historic Mode | If enabled, retrieves a history of data points from CloudWatch. Otherwise, collects only the most recent data point for each metric. | |
| Snapshot Collection Type | Specify which set of Snapshots to return. | |
| Snapshot Tag Filter | If this field is not specified, all snapshots will be returned. If specified, only snapshots with the matching tags will return. Include as a comma separated list of tagKey=expectedValue. If you want all snapshots with the tag key regardless of value, specify with an empty string after the =. For example, Name=,Type=base will return all snapshots that have a name and have a type specified as base. Tags are AND operations, not OR. Only snapshots that match all of the filters will be returned. |
Metrics
Snapshot
| Name | Description |
|---|---|
| Data Encryption Key ID | The data encryption key identifier for the snapshot. This value is a unique identifier that corresponds to the data encryption key that was used to encrypt the original volume or snapshot copy. Because data encryption keys are inherited by volumes created from snapshots, and vice versa, if snapshots share the same data encryption key identifier, then they belong to the same volume/snapshot lineage. |
| Description | The description for the snapshot. |
| Encrypted | Indicates whether the snapshot is encrypted. |
| ID | The ID of the snapshot. Each snapshot receives a unique identifier when it is created. |
| KMS Key ID | The full ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to protect the volume encryption key for the parent volume. |
| Owner Alias | Value from an Amazon-maintained list (amazon | aws-marketplace | microsoft) of snapshot owners. Not to be confused with the user-configured AWS account alias, which is set from the IAM console. |
| Owner ID | The AWS account ID of the EBS snapshot owner. |
| Progress | The progress of the snapshot, as a percentage. |
| Region | The AWS Region this object belongs to. |
| Start Time | The time stamp when the snapshot was initiated. |
| State | The snapshot state. |
| State Message | This field displays error state details to help you diagnose why the error occurred. |
| Tags | The tags attached to this object. |
| Volume ID | The ID of the volume that was used to create the snapshot. Snapshots created by the CopySnapshot action have an arbitrary volume ID that should not be used for any purpose. |
| Volume Size (Gibibytes) | The size of the volume, in GiB. |
Volume
| Name | Description |
|---|---|
| Availability Zone | The Availability Zone in which the volume resides. |
| Average Read Size (Bytes) | The average size of each I/O operation during the period. |
| Average Write Size (Bytes) | The average size of each I/O operation during the period. |
| Burst Balance (%) | Provides information about the percentage of I/O credits (for gp2) or throughput credits (for st1 and sc1) remaining in the burst bucket. |
| Encrypted | Indicates whether the volume will be encrypted. |
| Id | The identifier associated with the volume. |
| Idle Time (Seconds) | The total number of seconds in a specified period of time when no read or write operations were submitted. |
| I/O Rate (per Second) | The number of I/O operations per time unit that the volume supports. |
| KMS Key ID | The full ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to protect the volume encryption key for the volume. |
| Queue Length (Operations) | The number of read and write operation requests waiting to be completed in a specified period of time. |
| Region | The AWS Region this object belongs to. |
| Size (Gibibytes) | The amount of storage space on the volume. |
| Snapshot ID | The snapshot from which the volume was created. |
| State | The current state of the volume. |
| Status | The status of the volume. |
| Tags | The tags attached to this object. |
| Total Read Data (Bytes) | The total number of bytes transferred during the period. |
| Total Read Operations (Operations) | The total number of I/O operations in the specified period of time. |
| Total Read Time (Seconds) | The total time spent by all operations that completed in a specified period of time. If multiple requests are submitted at the same time, this total could be greater than the length of the period. |
| Total Write Data (Bytes) | The total number of bytes transferred during the period. |
| Total Write Operations (Operations) | The total number of I/O operations in a specified period of time. |
| Total Write Time (Seconds) | The total time spent by all operations that completed in a specified period of time. If multiple requests are submitted at the same time, this total could be greater than the length of the period. |
| Type | The volume type. |
Updated over 3 years ago