KMS Key for Encrypted volume for the Launch Configuration

Question

In the AWS CLI, there is an option to set the KMS key ID for the EBS Volumes which are encryption enabled 
but that functionality is lagging in the AWS SDK for Java

https://docs.aws.amazon.com/cli/latest/reference/ec2/create-launch-template.html

If you are creating a volume from a snapshot, you cannot create an unencrypted volume from an encrypted snapshot. Also, you cannot specify a KMS key ID when using a launch configuration.

https://sdk.amazonaws.com/java/api/latest/software/amazon/awssdk/services/autoscaling/model/Ebs.html

Is there any workaround for this in Java SDK

Accepted Answer

You'll need to use a Launch Template instead of a Launch Configuration. Launch Templates are the preferred replacement for Launch Configurations and provide a superset of functionality.

Launch Templates are part of the Amazon EC2 API, not the AWS Auto Scaling API, which can be confusing for some. In the Java SDK, see [LaunchTemplateEbsBlockDevice.Builder kmsKeyId(String kmsKeyId)](https://sdk.amazonaws.com/java/api/latest/software/amazon/awssdk/services/ec2/model/LaunchTemplateEbsBlockDevice.Builder.html#kmsKeyId-java.lang.String-).

KMS Key for Encrypted volume for the Launch Configuration

相關內容