By default we do not ship an encrypted AMI, but we support the encrypted AMIs our customers create based on our AMIs and according to AWS instructions below:
1- Launch a SoftNAS AMI
2- From EC2 console create an image based on it
3- From Images > AMIs > Right click and choose Copy AMI
4- Choose the region, Name, then check “Encryption” and pick up your master key.
5- Click “Copy AMI”, after few minutes you will find it in the same place.
6- Now Right click > Choose launch
7- Go through the launch process and you will find Root Volume will be encrypted
ssh into the instance and delete this file --> /etc/udev/rules.d/70-persistent-net.rules 
3 - Shutdown the instance 
4- Detach current root volume
5- Create a snapshot of the detached root volume
6- Create a new volume from the snapshot with "Encryption" enabled. NOTE: be sure to select the same AZ your instance in on and check the Encryption button! then select the default master key ((default) aws/ebs)
7- Attach the newly created root Volume with EBS encryption to the instance as /dev/sda1
8 - Create AMI image of the instance (named something like Encrypted SoftNAS AMI)
9- After creating the new AMI is done, create a new instance with the "Encrypted SoftNAS AMI"
Now any instances created with this AMI will have the root volume encrypted.