private validateBlockDevices()

in packages/aws-rfdk/lib/deadline/lib/spot-event-plugin-fleet.ts [644:672]

• 24 lines of code
• 9 McCabe index (conditional complexity)

  private validateBlockDevices(blockDevices?: BlockDevice[]): void {
    if (blockDevices === undefined) {
      Annotations.of(this).addWarning(`The spot-fleet ${this.node.id} is being created without being provided any block devices so the Source AMI's devices will be used. ` +
        'Workers can have access to sensitive data so it is recommended to either explicitly encrypt the devices on the worker fleet or to ensure the source AMI\'s Drives are encrypted.');
    } else {
      blockDevices.forEach(device => {
        if (device.volume.ebsDevice === undefined) {
          // Suppressed or Ephemeral Block Device
          return;
        }

        const { iops, volumeType } = device.volume.ebsDevice;
        if (!iops) {
          if (volumeType === EbsDeviceVolumeType.IO1) {
            throw new Error('iops property is required with volumeType: EbsDeviceVolumeType.IO1');
          }
        } else if (volumeType !== EbsDeviceVolumeType.IO1) {
          Annotations.of(this).addWarning('iops will be ignored without volumeType: EbsDeviceVolumeType.IO1');
        }

        // encrypted is not exposed as part of ebsDeviceProps so we need to confirm it exists then access it via [].
        // eslint-disable-next-line dot-notation
        if ( ('encrypted' in device.volume.ebsDevice === false) || ('encrypted' in device.volume.ebsDevice && !device.volume.ebsDevice['encrypted'] ) ) {
          Annotations.of(this).addWarning(`The BlockDevice "${device.deviceName}" on the spot-fleet ${this.node.id} is not encrypted. ` +
              'Workers can have access to sensitive data so it is recommended to encrypt the devices on the worker fleet.');
        }
      });
    }
  }