AWS Config Rule: Encrypted Volumes
ENCRYPTED_VOLUMES
Fernando Honig
Last Update 7 maanden geleden
Description: Checks if the EBS volumes that are in an attached state are encrypted. If you specify the ID of a KMS key for encryption using the kmsId parameter, the rule checks if the EBS volumes in an attached state are encrypted with that KMS key.
Trigger type: Configuration changes
AWS Region: All supported AWS regions except Africa (Cape Town), Asia Pacific (Osaka), Europe (Milan), Israel (Tel Aviv) Region
How to Resolve this Manually
To resolve this manually, go to your AWS Management Console and select EC2 under Services.
Go to Volumes under Elastic Block Store and select the volume that is NON_COMPLIANT according to the AWS Config Rule.
Currently, there is no option to encrypt a volume if not encrypted
In order to encrypt a volume, you need to create a snapshot. Click Actions -> Create snapshot.
Go to Snapshots under Elastic Block Store and filter by the volume-id. Click Actions -> Create volume and make sure you click Encrypt this volume under Encryption.
When the new volume is created, you can either attach it to the instance or create a new instance from it.
Want to know more about StackZone and how to make your cloud management simple and secure?
Check our how it works section with easy to follow videos or just create your own StackZone Account here