How do I deploy AWS EBS encryption by default?
To enable EBS encryption by default, you’ll use AWS Account Settings. This configuration ensures that all EBS volumes created in your account are encrypted by default without needing to specify encryption each time.
Here’s a step-by-step guide to achieve this:
- AWS Provider: We need to configure the AWS provider, which will let us interact with AWS resources.
- EBS Encryption by Default: Enable the default encryption setting for EBS volumes.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const _default = new aws.ebs.EncryptionByDefault("default", {enabled: true});
export const ebsEncryptionByDefaultArn = _default.id;
Summary
In this example, we configured the AWS provider and enabled EBS volume encryption by default using aws_ebs_encryption_by_default
. This ensures that all newly created EBS volumes in the specified region are encrypted automatically.
Deploy this code
Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.
Sign upNew to Pulumi?
Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.
Sign upThank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.