AWS > Compute > Amazon Elastic Compute Cloud (EC2):
Snapshots of Root Device Volumes:
1. To create a snapshot for Amazon EBS volumes that serve as root devices, you should stop the instance before taking th snapshot.
Snapshots - Security:
1. Snapshots of encrypted volumes are encrypted automatically.
2. Volumes restored from encrypted snapshots are encrypted automatically.
3. You can share snapshots, but only if they are unecnrypted.
3A. These snapshots can be shared with other AWS accounts or made public.
The steps involved to encrypt the root device volume:
1. Create a Snapshot of the unencrypted root device volume.
2. Create a copy of the Snapshot and select the encrypt option.
3. Create an AMI from the encrypted Snapshot.
4. Use the AMI to launch new encrypted instances.
Reference:
1. AWS Documentation - Sharing an Amazon EBS Snapshot:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html
2. Udemy - AWS Solutions Architect - Associate:
https://www.udemy.com/aws-certified-solutions-architect-associate/
最初發表 / 最後更新: 2019.03.24 / 2020.06.08
0 comments:
張貼留言