EC2 setting 'EBS encryption by default' should be enabled

ec2
This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

Enabling the EC2 setting ‘EBS encryption by default’ ensures that all new block storage volumes and snapshots are automatically encrypted, providing data protection at rest. This setting helps to prevent inadvertent data exposure by eliminating the need for manual encryption configuration for each new volume. This aids in maintaining a consistent security posture and simplifies compliance with regulatory requirements for data protection. Note: This setting is configured at a per-account, per-region level.

Remediation

For guidance on enforcing encryption of new EBS volumes and snapshots, refer to the Enable Amazon EBS encryption by default section of the Amazon EBS User Guide.

PREVIEWING: ida.adjivon/DOCS-11256