search

fpco / terraform-aws-foundation

Establish a solid Foundation on AWS with these modules for Terraform
MIT License
203 stars 99 forks source link

Support encrypted EBS in module ASG #283

Closed Magicloud closed 4 years ago

Magicloud commented 4 years ago

This is necessary for us to enable EBS encryption downstream.

qrilka commented 4 years ago

Plan with this version:

      - ebs_block_device { # forces replacement
          - delete_on_termination = true -> null
          - device_name           = "/dev/xvdb" -> null
          - encrypted             = false -> null
          - iops                  = 0 -> null
          - no_device             = false -> null
          - volume_size           = 250 -> null
          - volume_type           = "gp2" -> null
        }
      + ebs_block_device { # forces replacement
          + delete_on_termination = true
          + device_name           = "/dev/xvdb"
          + encrypted             = true
          + iops                  = (known after apply)
          + snapshot_id           = (known after apply)
          + volume_size           = 250
          + volume_type           = "gp2"
        }

And after applying it we have a new EBS volume shown as encrypted

ketzacoatl commented 4 years ago

Do we have any tests with the updated module using non-encrypted EBS?

qrilka commented 4 years ago

Updated README