How to Encrypt existing EBS volume

Hello All,

Can someone please tell me how we can encrypt existing ebs volume without destroying the infrastructure

I think AWS doesn’t support encrypting existing volumes. You will have to,

  1. Create a snapshot of existing volume
  2. Copy that snapshot to an encrypted snapshot using the CMK
  3. Create an encrypted volume from snapshot created in step 2
  4. Remove the existing volume from Terraform and import the volume created in step 3 to Terraform

In addition to that you’ll need to handle the volume attachment and detachment if it’s attached to an EC2 instance.