Can unencrypted volume be encrypted only via creating encrypted snapshot and then AMI and then volume OR it can simply just be encrypted as it is?
Assuming you have un-encrypted volume which is attached to EC2 instance and wanted to encrypt it.
1. Create snapshot of un-encrypted volume(which is attached to Ec2 instance)
2. Create encrypted volume from the unencrypted snapshot(from step1)
3. Detach the old uncrypted volume from EC2 instance.
4. Attach the new encrypted volume to EC2 instance.