AWS Amazon EC2 Encryption By Default

This page shows how to write Terraform for Amazon EC2 Encryption By Default and write them securely.

aws_ebs_encryption_by_default (Terraform)

The Encryption By Default in Amazon EC2 can be configured in Terraform with the resource name aws_ebs_encryption_by_default. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub

github-iconsprathod369/iac-example
resource "aws_ebs_encryption_by_default" "enabled" {
  enabled = true
}

resource "aws_ebs_encryption_by_default" "default" {
}
github-iconSnidermanIndustries/checkov-fork
resource "aws_ebs_encryption_by_default" "enabled" {
  enabled = true
}

resource "aws_ebs_encryption_by_default" "default" {
}
github-iconSonarSource/sonar-iac
resource "aws_ebs_encryption_by_default" "default_encryption" {
  enabled = false # Noncompliant
#           ^^^^^
}
resource "aws_ebs_encryption_by_default" "default_encryption_1" { # Compliant
}
github-iconmelscoop-test/check
resource "aws_ebs_encryption_by_default" "enabled" {
  enabled = true
}

resource "aws_ebs_encryption_by_default" "default" {
}
github-iconCheckmarx/kics
resource "aws_ebs_encryption_by_default" "negative1" {
  enabled = true
}

resource "aws_ebs_encryption_by_default" "negative2" {

Parameters

Explanation in Terraform Registry

Provides a resource to manage whether default EBS encryption is enabled for your AWS account in the current AWS region. To manage the default KMS key for the region, see the aws_ebs_default_kms_key resource.

NOTE: Removing this Terraform resource disables default EBS encryption.

CloudFormation Example

CloudFormation code does not have the related resource.

Frequently asked questions

What is AWS Amazon EC2 Encryption By Default?

AWS Amazon EC2 Encryption By Default is a resource for Amazon EC2 of Amazon Web Service. Settings can be wrote in Terraform.

Where can I find the example code for the AWS Amazon EC2 Encryption By Default?

For Terraform, the sprathod369/iac-example, SnidermanIndustries/checkov-fork and SonarSource/sonar-iac source code examples are useful. See the Terraform Example section for further details.

security-icon

Scan your IaC problem in 3 minutes for free

You can keep your IaC security for free. No credit card required.