
Amazon Web Services

The aws CPI can be used with Amazon Web Services.

Concepts

The following table maps BOSH concepts to their AWS-native equivalents.

| BOSH | Amazon Web Services |
|---|---|
| Availability Zone | Availability Zone |
| Virtual Machine | EC2 Instance |
| Network Subnet | VPC Subnet |
| Virtual IP | EC2 Elastic IP |
| Persistent Disk | EC2 EBS Volume |
| Disk Snapshot | EC2 EBS Snapshot |
| Stemcell | EC2 Amazon Machine Image |
| Agent Settings | EC2 Instance User Metadata; BOSH Registry |

Feature Support

The following sections describe some specific BOSH features supported by the CPI.

Network

The CPI does not support multiple NICs being attached to a VM.

| Network Type | Support |
|---|---|
| Manual | Single network per instance |
| Dynamic | Single network per instance |
| VIP | Single network per instance |

Encryption

AWS supports encryption through its Key Management Service, using either IaaS-managed or customer-managed keys. The encrypted and kms_key_arn settings can be set globally, or for specific disks and stemcells, to configure encryption.

| Platform | Disk Type | Encryption | Customer-managed Keys |
|---|---|---|---|
| Linux | Root Disk | Supported, v69+ | Supported |
| Linux | Ephemeral Disk | Supported, v69+ | Supported |
| Linux | Persistent Disk | Supported, v69+ | Supported |
| Windows | Root Disk | Partially Supported (manual steps required) | Supported |
| Windows | Ephemeral Disk | Not Supported | n/a |
| Windows | Persistent Disk | Not Supported | n/a |

Key Rotation: The CPI has no insight into keys being rotated through the AWS Console or aws CLI commands, so it is typically easiest to rotate keys by provisioning a new key and updating cloud properties to refer to the new ARN. Because the cloud properties for the disk change, BOSH will create a new disk using the new key and migrate data onto the new disk.
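
The rotation procedure above, shown as a cloud-config fragment before and after the change. This is an added example, not taken from the BOSH documentation; it assumes the usual cloud-config disk_types layout, and the disk type name, size, volume type and both key ARNs are constructed placeholders.

```yaml
# Added example: persistent disk type encrypted with a customer-managed key.
# The two YAML documents below are the same cloud-config section
# before and after key rotation.

# --- Before rotation ---------------------------------------------------
disk_types:
- name: encrypted-data            # hypothetical disk type name
  disk_size: 10240                # MB
  cloud_properties:
    type: gp2
    encrypted: true
    # Placeholder ARN of the key currently in use.
    kms_key_arn: arn:aws:kms:us-east-1:111122223333:key/OLD-KEY-ID-PLACEHOLDER
---
# --- After rotation ----------------------------------------------------
# Only kms_key_arn changes. Because the disk's cloud properties differ,
# BOSH creates a new disk with the new key on the next deploy and
# migrates the data onto it.
disk_types:
- name: encrypted-data
  disk_size: 10240
  cloud_properties:
    type: gp2
    encrypted: true
    # Placeholder ARN of the newly provisioned key.
    kms_key_arn: arn:aws:kms:us-east-1:111122223333:key/NEW-KEY-ID-PLACEHOLDER
# Keep the old key enabled until every disk using it has been migrated:
# the old volume can only be read while its key is still usable.
```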

Miscellaneous

| Feature | Support |
|---|---|
| Multi-CPI | Supported, v61+ |
| Native Disk Resize | Supported, v89+ |
| Generic VM Resource Configuration | Supported, v56+ |