I have this Company Standard AMI which has 4 volumes baked into it. we are required to use only this RHEL AMI.
when provisioning an instance with this, I also add a new EBS volume and associate it with the instance.
I am able to encrypt the root volume using “root_block_device” attribute in the
For the EBS I added, the encryption is easy with the “encrypted, kms_key_id” attributes in the resource "aws_ebs_volume"
What am not able to figure out is how to encrypt (using my Key) the EBS volumes packed in with the AMI.
This is possible via the Console, CLI & the boto3 APIs.
But can we do this using Terraform?