diff --git a/internal/rbd/controllerserver.go b/internal/rbd/controllerserver.go
index 8ce3c801f..df2705020 100644
--- a/internal/rbd/controllerserver.go
+++ b/internal/rbd/controllerserver.go
@@ -389,9 +389,8 @@ func (cs *ControllerServer) DeleteVolume(ctx context.Context, req *csi.DeleteVol
 	}
 	defer cs.VolumeLocks.Release(volumeID)
 
-	rbdVol := &rbdVolume{}
-	defer rbdVol.Destroy()
-	if err = genVolFromVolID(ctx, rbdVol, volumeID, cr, req.GetSecrets()); err != nil {
+	rbdVol, err := genVolFromVolID(ctx, volumeID, cr, req.GetSecrets())
+	if err != nil {
 		if _, ok := err.(util.ErrPoolNotFound); ok {
 			klog.Warningf(util.Log(ctx, "failed to get backend volume for %s: %v"), volumeID, err)
 			return &csi.DeleteVolumeResponse{}, nil
@@ -436,6 +435,7 @@ func (cs *ControllerServer) DeleteVolume(ctx context.Context, req *csi.DeleteVol
 		}
 		return &csi.DeleteVolumeResponse{}, nil
 	}
+	defer rbdVol.Destroy()
 
 	// lock out parallel create requests against the same volume name as we
 	// cleanup the image and associated omaps for the same
@@ -506,8 +506,7 @@ func (cs *ControllerServer) CreateSnapshot(ctx context.Context, req *csi.CreateS
 	defer cr.DeleteCredentials()
 
 	// Fetch source volume information
-	rbdVol := new(rbdVolume)
-	err = genVolFromVolID(ctx, rbdVol, req.GetSourceVolumeId(), cr, req.GetSecrets())
+	rbdVol, err := genVolFromVolID(ctx, req.GetSourceVolumeId(), cr, req.GetSecrets())
 	if err != nil {
 		if _, ok := err.(ErrImageNotFound); ok {
 			return nil, status.Errorf(codes.NotFound, "source Volume ID %s not found", req.GetSourceVolumeId())
@@ -519,6 +518,7 @@ func (cs *ControllerServer) CreateSnapshot(ctx context.Context, req *csi.CreateS
 		}
 		return nil, status.Errorf(codes.Internal, err.Error())
 	}
+	defer rbdVol.Destroy()
 
 	// TODO: re-encrypt snapshot with a new passphrase
 	if rbdVol.Encrypted {
@@ -780,9 +780,7 @@ func (cs *ControllerServer) ControllerExpandVolume(ctx context.Context, req *csi
 	}
 	defer cr.DeleteCredentials()
 
-	rbdVol := &rbdVolume{}
-	defer rbdVol.Destroy()
-	err = genVolFromVolID(ctx, rbdVol, volID, cr, req.GetSecrets())
+	rbdVol, err := genVolFromVolID(ctx, volID, cr, req.GetSecrets())
 	if err != nil {
 		if _, ok := err.(ErrImageNotFound); ok {
 			return nil, status.Errorf(codes.NotFound, "volume ID %s not found", volID)
@@ -795,6 +793,7 @@ func (cs *ControllerServer) ControllerExpandVolume(ctx context.Context, req *csi
 
 		return nil, status.Errorf(codes.Internal, err.Error())
 	}
+	defer rbdVol.Destroy()
 
 	if rbdVol.Encrypted {
 		return nil, status.Errorf(codes.InvalidArgument, "encrypted volumes do not support resize (%s/%s)",
diff --git a/internal/rbd/rbd_util.go b/internal/rbd/rbd_util.go
index 6f8252922..8ce528f92 100644
--- a/internal/rbd/rbd_util.go
+++ b/internal/rbd/rbd_util.go
@@ -389,21 +389,22 @@ func genSnapFromSnapID(ctx context.Context, rbdSnap *rbdSnapshot, snapshotID str
 
 // genVolFromVolID generates a rbdVolume structure from the provided identifier, updating
 // the structure with elements from on-disk image metadata as well
-func genVolFromVolID(ctx context.Context, rbdVol *rbdVolume, volumeID string, cr *util.Credentials, secrets map[string]string) error {
+func genVolFromVolID(ctx context.Context, volumeID string, cr *util.Credentials, secrets map[string]string) (*rbdVolume, error) {
 	var (
 		options map[string]string
 		vi      util.CSIIdentifier
+		rbdVol  *rbdVolume
 	)
 	options = make(map[string]string)
 
 	// rbdVolume fields that are not filled up in this function are:
 	//		Mounter, MultiNodeWritable
-	rbdVol.VolID = volumeID
+	rbdVol = &rbdVolume{VolID: volumeID}
 
 	err := vi.DecomposeCSIID(rbdVol.VolID)
 	if err != nil {
 		err = fmt.Errorf("error decoding volume ID (%s) (%s)", err, rbdVol.VolID)
-		return ErrInvalidVolID{err}
+		return nil, ErrInvalidVolID{err}
 	}
 
 	rbdVol.ClusterID = vi.ClusterID
@@ -411,26 +412,31 @@ func genVolFromVolID(ctx context.Context, rbdVol *rbdVolume, volumeID string, cr
 
 	rbdVol.Monitors, _, err = getMonsAndClusterID(ctx, options)
 	if err != nil {
-		return err
+		return nil, err
 	}
 
 	rbdVol.Pool, err = util.GetPoolName(ctx, rbdVol.Monitors, cr, vi.LocationID)
 	if err != nil {
-		return err
+		return nil, err
+	}
+
+	err = rbdVol.Connect(cr)
+	if err != nil {
+		return nil, err
 	}
 	rbdVol.JournalPool = rbdVol.Pool
 
 	imageAttributes, err := volJournal.GetImageAttributes(ctx, rbdVol.Monitors, cr,
 		rbdVol.Pool, vi.ObjectUUID, false)
 	if err != nil {
-		return err
+		return nil, err
 	}
 
 	if imageAttributes.KmsID != "" {
 		rbdVol.Encrypted = true
 		rbdVol.KMS, err = util.GetKMS(imageAttributes.KmsID, secrets)
 		if err != nil {
-			return err
+			return nil, err
 		}
 	}
 	rbdVol.RequestName = imageAttributes.RequestName
@@ -441,13 +447,13 @@ func genVolFromVolID(ctx context.Context, rbdVol *rbdVolume, volumeID string, cr
 		rbdVol.JournalPool, err = util.GetPoolName(ctx, rbdVol.Monitors, cr, imageAttributes.JournalPoolID)
 		if err != nil {
 			// TODO: If pool is not found we may leak the image (as DeleteVolume will return success)
-			return err
+			return nil, err
 		}
 	}
 
 	err = updateVolWithImageInfo(ctx, rbdVol, cr)
 
-	return err
+	return rbdVol, err
 }
 
 func execCommand(command string, args []string) ([]byte, error) {