Amazon Web Services
The aws CPI can be used with Amazon Web Services.
The following table maps BOSH concepts to their AWS-native equivalents.
| BOSH | Amazon Web Services |
|---|---|
| Availability Zone | Availability Zone |
| Virtual Machine | EC2 Instance |
| Network Subnet | VPC Subnet |
| Virtual IP | EC2 Elastic IP |
| Persistent Disk | EC2 EBS Volume |
| Disk Snapshot | EC2 EBS Snapshot |
| Stemcell | EC2 Amazon Machine Image |
| Agent Settings | EC2 Instance User Metadata; BOSH Registry |
The following sections describe some specific BOSH features supported by the CPI.
The CPI does not support multiple NICs being attached to a VM.
| Network Type | Support |
|---|---|
| Manual | Single network per instance |
| Dynamic | Single network per instance |
| VIP | Single network per instance |
AWS supports encryption through its Key Management Service (KMS), using either IaaS-managed or customer-managed keys. The kms_key_arn setting can be set globally, or for specific disks and stemcells, to configure encryption.
| Platform | Disk Type | Encryption | Customer-managed Keys |
|---|---|---|---|
| Linux | Root Disk | Supported, v69+ | Supported |
| Linux | Ephemeral Disk | Supported, v69+ | Supported |
| Linux | Persistent Disk | Supported, v69+ | Supported |
| Windows | Root Disk | Partially Supported (manual steps required) | Supported |
| Windows | Ephemeral Disk | Not Supported | n/a |
| Windows | Persistent Disk | Not Supported | n/a |
Key Rotation: because the CPI has no insight into keys being rotated through the AWS Console or aws CLI commands, it is typically easiest to rotate keys by provisioning a new key and updating cloud properties to refer to the new ARN. Because the cloud properties for the disk change, BOSH will create a new disk using the new key and migrate data onto the new disk.
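The rotation described above, as an added cloud config fragment (an illustration, not taken from the original page). The disk type name, size, region, account ID and key IDs are constructed placeholders, and the fragment assumes the disk type's encrypted property is used alongside kms_key_arn.

```yaml
# Added example: rotating the customer-managed key for a persistent disk type.
# All names and ARNs below are constructed placeholders, not real values.
disk_types:
# Before rotation the disk type pointed at the old key:
#
# - name: encrypted-50GB
#   disk_size: 51200
#   cloud_properties:
#     type: gp2
#     encrypted: true
#     kms_key_arn: arn:aws:kms:us-east-1:111111111111:key/OLD-KEY-ID-PLACEHOLDER
#
# After rotation only kms_key_arn changes. Because the disk's cloud
# properties differ, BOSH creates a new EBS volume under the new key and
# migrates data onto it on the next deploy.
- name: encrypted-50GB
  disk_size: 51200
  cloud_properties:
    type: gp2
    encrypted: true
    kms_key_arn: arn:aws:kms:us-east-1:111111111111:key/NEW-KEY-ID-PLACEHOLDER

# Keep the old key enabled until every disk of this type has been migrated:
# the existing volumes are still encrypted with it and must be readable
# while data is copied.
# Per the support table, this applies to Linux persistent disks (CPI v69+);
# persistent disk encryption is not supported on Windows.
```

Apply the change with bosh update-cloud-config, then run bosh deploy for each deployment that uses the disk type so the disks are recreated under the new key.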
| Feature | Support |
|---|---|
| Native Disk Resize | Not Supported |
| Generic VM Resource Configuration | Supported, v56+ |