Automation Document for EC2 Volume Encryption Migration
Objective
Automate the process of migrating an EC2 instance with unencrypted volumes to an EC2 instance with encrypted volumes using a shell script. The script will:
1- Create an AMI of the original instance.
2- Launch a new EC2 instance from the AMI with encrypted volumes.
3- Terminate the original instance. (optional)
4- Clean up AMI and associated snapshots.
Prerequisites
1- AWS CLI: Ensure AWS CLI is installed and configured with appropriate permissions.
2- jq: Install jq for JSON processing. (You can install it using sudo apt-get install jq on Ubuntu or brew install jq on macOS.)
Shell Script
Create a shell script migrate_ec2.sh with the following content:
Script for creating new instance with encrypted volume
If you do not need to create a new instance and only want to replace the volume, use the script below.
Script for creating new encrypted volume and detach not-encrypted volume
Script Explanation
1- Variables: Set your instance ID, region, new instance type, and other details. Ensure you replace placeholder values with actual values.
2- Create AMI: Creates an AMI from the existing instance.
3- Retrieve Instance Details: Fetches the instance’s subnet ID and security groups. Checks if the instance has a public IP.
4- Launch New Instance: Launches a new instance from the AMI with encrypted volumes. The instance is launched without a public IP if the original instance did not have one.
5- Terminate Old Instance: Optionally terminates the old instance after verifying that the new instance is running.
6- Clean Up: Deregisters the AMI and deletes associated snapshots to avoid unnecessary charges.
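As an added example (not the article's migrate_ec2.sh), the sketch below covers two points of the steps above: building the block device mapping that forces encryption at launch (step 4), and a check that every volume on the new instance is really encrypted before the old instance is terminated or the AMI cleaned up (steps 5 and 6). The function names, variable names, volume IDs and device names are assumptions made for illustration, and the AWS CLI output is replaced by constructed sample text so the block runs offline.

```sh
#!/bin/sh
# Added example; all IDs and device names are constructed sample values.

# Step 4 helper: build the JSON for `aws ec2 run-instances --block-device-mappings`
# that sets Encrypted=true on every EBS device of the AMI.
# stdin: one device name per line, e.g. from
#   aws ec2 describe-images --image-ids "$AMI_ID" --output text \
#     --query 'Images[0].BlockDeviceMappings[?Ebs].DeviceName' | tr '\t' '\n'
# $1 (optional): KMS key; if omitted, the default EBS encryption key is used.
encrypted_mappings() (
  kms="${1:-}"; out="["; sep=""
  while IFS= read -r dev || [ -n "$dev" ]; do
    [ -n "$dev" ] || continue
    ebs='"Encrypted":true'
    if [ -n "$kms" ]; then ebs="$ebs,\"KmsKeyId\":\"$kms\""; fi
    out="$out$sep{\"DeviceName\":\"$dev\",\"Ebs\":{$ebs}}"
    sep=","
  done
  printf '%s]\n' "$out"
)

# Gate for steps 5 and 6: succeed only if at least one volume is listed and
# every one reports Encrypted=True; print the IDs of any that do not.
# stdin: "VolumeId<TAB>Encrypted" lines, e.g. from
#   aws ec2 describe-volumes --output text \
#     --filters "Name=attachment.instance-id,Values=$NEW_INSTANCE_ID" \
#     --query 'Volumes[].[VolumeId,Encrypted]'
unencrypted_volumes() (
  seen=0; bad=0
  while read -r vol enc; do
    [ -n "$vol" ] || continue
    seen=1
    if [ "$enc" != "True" ]; then echo "$vol"; bad=1; fi
  done
  [ "$seen" -eq 1 ] && [ "$bad" -eq 0 ]
)

# Demo on constructed data standing in for the AWS CLI output.
printf '/dev/xvda\n/dev/sdf\n' | encrypted_mappings
if left=$(printf 'vol-0aaa\tTrue\nvol-0bbb\tFalse\n' | unencrypted_volumes); then
  echo "all volumes encrypted: old instance can be terminated"
else
  echo "keep the old instance; not encrypted: ${left:-no volumes found}"
fi
```

The gate also fails when no volumes are listed at all, so an empty or failed describe-volumes call cannot be mistaken for a successful migration.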
How to Use the Script
1- Save the Script: Save the script to a file named migrate_ec2.sh.
2- Make the Script Executable: Run chmod +x migrate_ec2.sh to make the script executable.
3- Execute the Script: Run the script with ./migrate_ec2.sh.