By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

KMS Key for Encrypted volume for the Launch Configuration

0

In the AWS CLI, there is an option to set the KMS key ID for the EBS Volumes which are encryption enabled but that functionality is lagging in the AWS SDK for Java

https://docs.aws.amazon.com/cli/latest/reference/ec2/create-launch-template.html

If you are creating a volume from a snapshot, you cannot create an unencrypted volume from an encrypted snapshot. Also, you cannot specify a KMS key ID when using a launch configuration.

https://sdk.amazonaws.com/java/api/latest/software/amazon/awssdk/services/autoscaling/model/Ebs.html

Is there any workaround for this in Java SDK

Topics
Security, Identity, & ComplianceComputeStorage
Tags
AWS Key Management ServiceAmazon EC2Amazon EC2 Auto ScalingAmazon Elastic Block Store
Language
English
asvignesh
asked 2 years ago642 views
1 Answer
1
Accepted Answer

You'll need to use a Launch Template instead of a Launch Configuration. Launch Templates are the preferred replacement for Launch Configurations and provide a superset of functionality.

Launch Templates are part of the Amazon EC2 API, not the AWS Auto Scaling API, which can be confusing for some. In the Java SDK, see LaunchTemplateEbsBlockDevice.Builder kmsKeyId(String kmsKeyId).

AWS
EXPERT
MichaelFischer
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content