Uly.me

cloud engineer

  • Home
  • About
  • Archives
Home/Archives for encrypted

March 18, 2019

Steps to Encrypt Volumes

Here the steps to encrypt an unencrypted volume.

  1. Take a snapshot of the unencrypted volume.
  2. Make a copy of that snapshot and turn on encryption.
  3. Create a volume of the encrypted snapshot.
  4. Stop the instance.
  5. Detach the original unencrypted volume from the instance.
  6. Attach the newly created encrypted volume to the instance.
  7. Start the instance.

AWS CLI

# CREATE A SNAPSHOT
aws ec2 create-snapshot \
--volume-id vol-1234567890abcdef0 \
--description "This is my snapshot"
 
# COPY SNAPSHOT
aws ec2 copy-snapshot \
--source-region us-west-2 --source-snapshot-id snap-066877671789bd71b \
--region us-east-1 --description "This is my copied snapshot."
 
# CREATE A VOLUME
aws ec2 create-volume \
--region us-east-1 --availability-zone us-east-1a \
--snapshot-id snap-066877671789bd71b --volume-type io1 --iops 1000
 
# STOP AN INSTANCE
aws ec2 stop-instances --instance-ids i-1234567890abcdef0
 
# DETACH A VOLUME
aws ec2 detach-volume --volume-id vol-1234567890abcdef0
 
# ATTACH A VOLUME
aws ec2 attach-volume --volume-id vol-1234567890abcdef0 \
--instance-id i-01474ef662b89480 --device /dev/sdf
 
# START AN INSTANCE
aws ec2 start-instances --instance-ids i-1234567890abcdef0

# CREATE A SNAPSHOT aws ec2 create-snapshot \ --volume-id vol-1234567890abcdef0 \ --description "This is my snapshot" # COPY SNAPSHOT aws ec2 copy-snapshot \ --source-region us-west-2 --source-snapshot-id snap-066877671789bd71b \ --region us-east-1 --description "This is my copied snapshot." # CREATE A VOLUME aws ec2 create-volume \ --region us-east-1 --availability-zone us-east-1a \ --snapshot-id snap-066877671789bd71b --volume-type io1 --iops 1000 # STOP AN INSTANCE aws ec2 stop-instances --instance-ids i-1234567890abcdef0 # DETACH A VOLUME aws ec2 detach-volume --volume-id vol-1234567890abcdef0 # ATTACH A VOLUME aws ec2 attach-volume --volume-id vol-1234567890abcdef0 \ --instance-id i-01474ef662b89480 --device /dev/sdf # START AN INSTANCE aws ec2 start-instances --instance-ids i-1234567890abcdef0

March 18, 2019

List of Encrypted Volumes

Here’s the AWS CLI to get a list of encrypted or unencrypted volumes.

# list of encrypted volumes
aws ec2 describe-volumes \
--filters Name=encrypted,Values=true \
--region us-east-1 --profile default \
--query "Volumes[*].{ID:VolumeId}" --output text
# list of unencrypted volumes
aws ec2 describe-volumes \
--filters Name=encrypted,Values=false \
--region us-east-1 --profile default \
--query "Volumes[*].{ID:VolumeId}" --output text
# count the list of encrypted volumes. use wc -l to get a count.
aws ec2 describe-volumes \
--filters Name=encrypted,Values=true \
--region us-east-1 --profile default \
--query "Volumes[*].{ID:VolumeId}" --output text | wc -l

# list of encrypted volumes aws ec2 describe-volumes \ --filters Name=encrypted,Values=true \ --region us-east-1 --profile default \ --query "Volumes[*].{ID:VolumeId}" --output text # list of unencrypted volumes aws ec2 describe-volumes \ --filters Name=encrypted,Values=false \ --region us-east-1 --profile default \ --query "Volumes[*].{ID:VolumeId}" --output text # count the list of encrypted volumes. use wc -l to get a count. aws ec2 describe-volumes \ --filters Name=encrypted,Values=true \ --region us-east-1 --profile default \ --query "Volumes[*].{ID:VolumeId}" --output text | wc -l

  • Cloud
  • Linux
  • Git

Copyright © 2012–2021