Posted On: May 30, 2019
Hibernating your Amazon EC2 Instances is now easier then ever. You can now enable Amazon Elastic Block Store (EBS) Encryption by Default, to ensure all new EBS volumes created in your account are encrypted. To enable Hibernation, you no longer have to create an encrypted copy of the Amazon Machine Image (AMI) before launching an instance. Alternatively, you can also now specify encryption intent at launch (with unencrypted AMI or snapshot) and enable hibernation at the same time (see link).
Hibernation requires an EC2 instance be an encrypted EBS-backed instance. This ensures protection of sensitive contents in memory (RAM) as they get copied to EBS upon hibernation. Previously, to launch an EC2 instance backed by encrypted EBS volume, you had to either specify encryption intent at launch or use an AMI with an encrypted EBS snapshot. With EBS Encryption by Default, you can skip both these steps. EBS Encryption by Default also secures EC2 Spot instances that are set to hibernate upon interruption.
For more information about EBS Encryption by Default, visit this link or technical documentation. This feature is available through AWS Command Line Interface (CLI) or AWS SDKs at no extra charge.
EC2 Hibernation: Hibernation is available for On-Demand and Reserved Instances running on freshly launched M3, M4, M5, C3, C4, C5, R3, R4, and R5 instances running Amazon Linux (1). You can enable hibernation for your EBS-backed instances at launch. You can then hibernate and resume your instances through the AWS Management Console, or though the AWS SDK and CLI using the existing stop-instances and start-instances commands.
To learn more about hibernation, visit this blog, product FAQs or our technical documentation. EC2 Hibernation is available in the US East (N. Virginia, Ohio), US West (N. California, Oregon), Canada (Central), South America (Sao Paulo), Asia Pacific (Mumbai, Seoul, Singapore, Sydney, Tokyo), and EU (Frankfurt, London, Ireland, Paris) Regions.