Certified Security - Specialty

Sign Up Free or Log In to participate!

Currently AWS allows encrypting root volume while launching instance

In the video it is mentioned that we need to create an API and then copy it, as a work around to encrypt the root volume. But currently console gives you the option to encrypt it while launching instance.

Ashwani Kumar

Yes that’s correct

3 Answers

Yes that’s right

It is great that they have recently made the change to allow root volume encryption on launch as before creating and cloning AMI’s was a slow process.  Just be aware that it is still important to know how to do it manually the old way to help with existing instances that need converting to encrypted EBS volumes.  Also some services like Auto Scaling groups do not currently support launching encrypted root volumes which means you have to manually create encrypted AMI’s for this use case right now.

Faye Ellis

Good answer – thank you!

For the time being it is worth knowing knowing how to do this manually so you don’t get tripped up in the exam which unfortunately  always runs a little behind the latest announcements and changes. They try to give at least 6 months to get used to a new feature, however in practice it can sometimes be more like 6-12 months behind.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?