Posted On: Dec 15, 2015
Starting today, you can launch Amazon EC2 instances with an encrypted Amazon Elastic Block Store (EBS) boot volume, which together with EBS data volume encryption means you can now encrypt all your EBS storage.
This simplifies security compliance processes by providing encryption for both EBS data and boot volumes using AWS Key Management Service (KMS). It can also help simplify your auditing process because you now have the ability to ensure all data on EBS is encrypted at rest and in transit. This feature is supported with all EBS volume types.
Encrypted boot volumes are available today in the US East (Northern Virginia), US West (Northern California), US West (Oregon), Europe (Ireland), Europe (Frankfurt), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (Sao Paulo), and Asia Pacific (Tokyo) regions.
To learn more, please visit the Encrypted EBS Boot Volumes Blog Post.