EBS volume should be encrypted
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。
Description
Enable encryption for Elastic Block Store (EBS) by default in the region.
Rationale
AES-256 encryption, used by EBS, protects data stored on volumes, disk I/O, and the snapshots created from a volume to protect your sensitive data from exploits and unauthorized users.
From the console
Follow the EBS encryption docs to learn about the requirements and methods for enabling encryption region-wide in the AWS Console.
From the command line
- Run
enable-ebs-encryption-by-default to enable encryption for your account in the current region.
aws ec2 enable-ebs-encryption-by-default \
--region <INSERT-AWS-REGION>
See the Set encryption defaults using the API and CLI docs for additional commands related to EBS encryption.
