Certified Security - Specialty

Sign Up Free or Log In to participate!

Switching non-encrypted root volume with an encrypted volume

Didn’t encrypt root volume will creation and want to apply encryption later. For the same, took a snapshot of the un-encrypted root volume and then created a new volume with the snapshot and applied option for encryption. With the encrypted volume which replicates my earlier root volume, I am now trying to make it the root on the instance.

For this I attached new volume to the instance. Stopped instance and detached the root instance. Now instance has new encrypted volume attached but doesn’t show it as root.

Need help with pointers if this is expected or are there any further steps to be done to make the new volume get reflected as root volume

Alex C

I believe you need to create an AMI from the encrypted root volume first, then create a new instance from that AMI.

1 Answers

First you will need to stop the instance, detach the root volume, attach the new volume and make sure that the new volume has the same device name as /dev/sda1 https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?