8

EBS Config Rules

Last Update 6 miesięcy temu

AWS Config Rule: Elasticsearch Encrypted at Rest AWS Config Rule: Elasticsearch Node to Node Encryption Check AWS Config Rule: Encrypted Volumes AWS Config Rule: EC2 EBS Encryption by Default AWS Config Rule: EBS in Backup Plan

AWS Config Rule: Encrypted Volumes

ENCRYPTED_VOLUMES

Fernando Honig

Last Update 6 miesięcy temu

Description: Checks if the EBS volumes that are in an attached state are encrypted. If you specify the ID of a KMS key for encryption using the kmsId parameter, the rule checks if the EBS volumes in an attached state are encrypted with that KMS key.


Trigger type: Configuration changes


AWS Region: All supported AWS regions except Africa (Cape Town), Asia Pacific (Osaka), Europe (Milan), Israel (Tel Aviv) Region

How to Resolve this Manually

To resolve this manually, go to your AWS Management Console and select EC2 under Services.


Go to Volumes under Elastic Block Store and select the volume that is NON_COMPLIANT according to the AWS Config Rule.


Currently, there is no option to encrypt a volume if not encrypted

In order to encrypt a volume, you need to create a snapshot. Click Actions -> Create snapshot.


Go to Snapshots under Elastic Block Store and filter by the volume-id. Click Actions -> Create volume and make sure you click Encrypt this volume under Encryption.


When the new volume is created, you can either attach it to the instance or create a new instance from it.

Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here

Was this article helpful?

1 out of 1 liked this article

Still need help? Message Us