Posted On: Feb 28, 2018
Today we are announcing an improved method for creating encrypted Amazon Elastic Block Store (EBS) volumes at the same time as your Amazon EC2 instances launch. You can now specify a customer-managed customer master key (CMK) for the creation of encrypted data volumes when launching your EC2 instances. You no longer will have to separately create and attach additional EBS data volumes to your instances in order to use your customer-managed CMK for data encryption. This simplifies your workflow and reduces the time it takes before your instance is available for use with an additional encrypted EBS data volume. You can either use the Amazon EC2 Launch Wizard or the RunInstances API call to create encrypted Amazon EBS Volumes with your customer-managed CMK when launching your EC2 Instances.
This feature is available at no additional cost and is available in the AWS US East (N. Virginia), US East (Ohio), US West (Northern California), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), EU (Frankfurt), EU (Ireland), EU (London), South America (Sao Paulo) and AWS GovCloud (US) Regions.
To learn more about creating EBS data volumes with custom CMKs when launching EC2 instances, visit this documentation page. For more information on Amazon EBS, visit this page.