Attaching a Boot Volume
Learn how to reattach a volume after it's been detached from an associated instance.
An instance must be stopped before its respective boot volume can be detached, and a detached boot volume can only be reattached to replace an existing boot volume for a different instance. For more information, see Replacing a boot volume.
If a boot volume has been detached from the associated instance, you can reattach it to the instance. To restart an instance with a detached boot volume, you must reattach the boot volume using the steps described in this topic.
If a boot volume has been detached from the associated instance, or if the instance is stopped or terminated, you can attach the boot volume to another instance as a data volume. For steps, see Attaching a Boot Volume.
Required IAM Policy
To use Oracle Cloud Infrastructure, an administrator must be a member of a group granted security access in a policy by a tenancy administrator. This access is required whether you're using the Console or the REST API with an SDK, CLI, or other tool. If you get a message that you don't have permission or are unauthorized, verify with the tenancy administrator what type of access you have and which compartment your access works in.
For administrators: The policy in Let users launch compute instances includes the ability to attach and detach existing block volumes. The policy in Let volume admins manage block volumes, backups, and volume groups lets the specified group do everything with block volumes and backups, but not launch instances.
Security Zones
Security Zones ensure that your cloud resources comply with Oracle security principles. If any operation on a resource in a security zone compartment violates a policy for that security zone, then the operation is denied.
The following security zone policies affect your ability to attach block volumes to compute instances.
-
The boot volume for a compute instance in a security zone must also be in the same security zone.
-
A compute instance that isn't in a security zone can't be attached to a boot volume that is in a security zone.
Steps
- On the Boot Volumes list page, select the boot volume you want to work with. If you need help finding the list page or the boot volume, see Listing Boot Volumes.
- Select Attached instances.
- Select the boot volume's attachment type.
- Select the boot volume's compartment.
- Select the boot volume.
- Select the instance you want to attach the both volume to in the drop-down menu, or by entering the instance OCID.
- (Optional) Select Require CHAP credentials to use iSCSI security protocol CHAP for authentication between the instance and volume.
- (Optional) Select Use Oracle Cloud Agent to automatically connect to iSCSI-attached volumes to run iSCSI commands automatically when connecting an iSCSI volume to Linux-based instances.
-
Select You can start the instance when the boot volume's state is Attached.
Use the
oci compute boot-volume-attachment attachcommand and specify the--boot-volume-idand--instance-idparameters to attach the volume to the instance:oci compute boot-volume-attachment attach --boot-volume-id boot_volume_id --instance-idinstance_idFor a complete list of parameters and values for CLI commands, see the CLI Command Reference.
Run the
AttachBootVolumeoperation to attach a volume to an instance.
Required IAM Policy
To use Oracle Cloud Infrastructure, an administrator must be a member of a group granted security access in a policy by a tenancy administrator. This access is required whether you're using the Console or the REST API with an SDK, CLI, or other tool. If you get a message that you don't have permission or are unauthorized, verify with the tenancy administrator what type of access you have and which compartment your access works in.
For administrators: The policy in Let users launch compute instances includes the ability to attach and detach existing block volumes. The policy in Let volume admins manage block volumes, backups, and volume groups lets the specified group do everything with block volumes and backups, but not launch instances.
Security Zones
Security Zones ensure that your cloud resources comply with Oracle security principles. If any operation on a resource in a security zone compartment violates a policy for that security zone, then the operation is denied.
The following security zone policies affect your ability to attach block volumes to compute instances.
-
The boot volume for a compute instance in a security zone must also be in the same security zone.
-
A compute instance that isn't in a security zone can't be attached to a boot volume that is in a security zone.
- On the Boot Volumes list page, select the boot volume you want to work with. If you need help finding the list page or the boot volume, see Listing Boot Volumes.
- Select Attached instances.
- Select the boot volume's attachment type.
- Select the boot volume's compartment.
- Select the boot volume.
- Select the instance you want to attach the both volume to in the drop-down menu, or by entering the instance OCID.
- (Optional) Select Require CHAP credentials to use iSCSI security protocol CHAP for authentication between the instance and volume.
- (Optional) Select Use Oracle Cloud Agent to automatically connect to iSCSI-attached volumes to run iSCSI commands automatically when connecting an iSCSI volume to Linux-based instances.
-
Select You can start the instance when the boot volume's state is Attached.
Use the
oci compute boot-volume-attachment attachcommand and specify the--boot-volume-idand--instance-idparameters to attach the volume to the instance:oci compute boot-volume-attachment attach --boot-volume-id boot_volume_id --instance-idinstance_idFor a complete list of parameters and values for CLI commands, see the CLI Command Reference.
Run the
AttachBootVolumeoperation to attach a volume to an instance.