How to Encrypt an unencrypted EBS volume on AWS

An unencrypted volume can’t be encrypted directly after it’s creation. The encryption is happening during the volume creation.

Suppose your website files are now stored on an unencrypted additional EBS drive, which you need to encrypt since you know it’s not safe when it’s sensitive data.

So what should you do here to encrypt those unencrypted volume that being used by your EC2 instance.

This is the method!

Step 1: Sign into AWS console

Go to EC2 console https://console.aws.amazon.com/ec2/

Step 2: Create a Snapshot from unencrypted volume

Right click the volume that you want to get a snapshot and click on Create Snapshot

A dialogue window will appear. Make a description of the snapshot so you can find it later.

After that, go to the Snapshots area and look for the unencrypted snapshot.

Step 3: Create Encrypted EBS Volume from the snapshot

Right click the snapshot and click on Create volume. A dialogue window will appear. Make sure to tick the Encrypt this volume and select your key from drop-down.

Press Create volume and now you have an Encrypted volume with Encrypted data from Unencrypted volume with Unencrypted data.

Note : Please create volume in the same availability zone as your instance.

Step 4: Detach and attach

You now have two volumes: encrypted and unencrypted. Detach the unencrypted volume from the instance and attach the new encrypted volume in its place.

Cheers !

Thanks for reading this article. If you liked it, please give a few claps so it reaches more people who would love it!