Enable AWS EBS encryption By default

#aws #ebs #python #devops

Based on Jeff Barr Recent Blog AWS make it easier and simpler for you to protect your data from unauthorized access. I feel this should be enabled by anyone who use AWS.

If you prefer to do via AWS CLI then make sure you have updated to latest version of CLI [aws-cli/1.16.169 Python/2.7.10 Darwin/17.7.0 botocore/1.12.159 ]

aws ec2 enable-ebs-encryption-by-default

Note: You will have to run this command in all the regions you operate.

Below is the python script that can help you with enabling it using below for region you interested are

import boto3

# list the regions you are interested to run this script on
regions = ['us-east-1']

for region in regions:
    client = boto3.client('ec2', region)
    response = client.enable_ebs_encryption_by_default()
    print("Default EBS Encryption for region", region,": ",  response['EbsEncryptionByDefault'])

Note: Shared script will use the default ebs key. If you are interested in using different KMS key then use below

response = client.modify_ebs_default_kms_key_id(
    KmsKeyId='string'
)

Hot sauce if you're wrong · web dev trivia for staff engineers (Chris vs Jeremy, Leet Heat S1.E4)

Shipping Fast: Test your knowledge of deployment strategies and techniques
Authentication: Prove you know your OAuth from your JWT
CSS: Demonstrate your styling expertise under pressure
Acronyms: Decode the alphabet soup of web development
Accessibility: Show your commitment to building for everyone

Contestants must answer rapid-fire questions across the full stack of modern web development. Get it right, earn points. Get it wrong? The spice level goes up!

Watch Video 🌶️🔥