Recover deleted volumes from the Recycle Bin
This topic explains how to recover Amazon EBS volumes from the Recycle Bin.
Topics
Permissions for working with volumes in the Recycle Bin
By default, users don't have permission to work with volumes that are in the Recycle Bin. To allow users to work with these resources, you must create IAM policies that grant permission to use specific resources and API actions. After the policies are created, you must add permissions to your users, groups, or roles.
To view and recover volumes that are in the Recycle Bin, users must have the following permissions:
-
ec2:ListVolumesInRecycleBin -
ec2:RestoreVolumeFromRecycleBin
To manage tags for volumes in the Recycle Bin, users need the following additional permissions.
-
ec2:CreateTags -
ec2:DeleteTags
To use the Recycle Bin console, users need the ec2:DescribeTags
permission.
The following is an example IAM policy. It includes the ec2:DescribeTags permission
for console users, and it includes the ec2:CreateTags and ec2:DeleteTags
permissions for managing tags. If the permissions are not needed, you can remove them from the policy.
{ "Version": "2012-10-17", "Statement": [ { "Sid": "AllowRecycleBinVolumeOperations", "Effect": "Allow", "Action": [ "ec2:ListVolumesInRecycleBin", "ec2:RestoreVolumeFromRecycleBin" ], "Resource": "arn:aws:ec2:*:123456789012:volume/*" }, { "Sid": "AllowVolumeTagOperations", "Effect": "Allow", "Action": [ "ec2:CreateTags", "ec2:DeleteTags", "ec2:DescribeTags" ], "Resource": "arn:aws:ec2:*:123456789012:volume/*" } ] }
To provide access, add permissions to your users, groups, or roles:
-
Users and groups in AWS IAM Identity Center:
Create a permission set. Follow the instructions in Create a permission set in the AWS IAM Identity Center User Guide.
-
Users managed in IAM through an identity provider:
Create a role for identity federation. Follow the instructions in Create a role for a third-party identity provider (federation) in the IAM User Guide.
-
IAM users:
-
Create a role that your user can assume. Follow the instructions in Create a role for an IAM user in the IAM User Guide.
-
(Not recommended) Attach a policy directly to a user or add a user to a user group. Follow the instructions in Adding permissions to a user (console) in the IAM User Guide.
-
For more information about the permissions needed to use Recycle Bin, see Permissions for working with Recycle Bin and retention rules.
View volumes in the Recycle Bin
While a volume is in the Recycle Bin, you can view limited information about it, including:
-
The ID of the volume.
-
The size of the volume.
-
The volume type.
-
The date and time when the volume was deleted and it entered Recycle Bin.
-
The date and time when the retention period expires. The volume will be permanently deleted from the Recycle Bin at this time.
You can view the volumes in the Recycle Bin using one of the following methods.
Restore volumes from the Recycle Bin
You can't use a volume in any way while it is in the Recycle Bin. To use the volume, you must first restore it. When you restore a volume from the Recycle Bin, the volume is immediately available for use, and it is removed from the Recycle Bin. You can use a restored volume in the same way that you use any other volume in your account.
You can restore a volume from the Recycle Bin using one of the following methods.
