Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Symptoms

By default SoftNAS do not ship an encrypted AMI, but we support the encrypted AMIs our customers create based on our AMIs

...

Purpose

You want to create an AMI with an Encrypted EBS root volume which can be used to deploy multiple SoftNAS instances in your AWS cloud environment without having the need to do it manually on each new deployment

Resolution

Please follow the AWS instructions below:1-   

  1. Launch a SoftNAS AMI

...

  1. from the Community or Market Place as you normally would
  2. Next, ssh into the instance and delete this file --> /etc/udev/rules.d/70-persistent-net.

...

3 - Shutdown the instance            Image Removed

...

  1. rulesImage Added
  2. Next, Shutdown the instanceImage Added
  3. Detach current root volume

...


  1. Image Added

...

  1. Create a snapshot of the detached root volume

...


  1. Image Added

...

  1. Create a new volume from the snapshot with "Encryption" enabled. NOTE: be sure to select the same AZ your instance in on and check the Encryption button! then select the default master key ((default) aws/ebs)

 Image RemovedImage Removed

...

  1. Image Added
    Image Added
  2. Attach the newly created root Volume with EBS encryption to the instance as /dev/sda1

...



  1. Image Added

...

  1. Create AMI image of the instance (named something like Encrypted SoftNAS AMI)

...


  1. Image Added

...

  1. After creating the new AMI is done, create a new instance with the "Encrypted SoftNAS AMI"

...


  1. Image Added
  2. Now any instances created with this AMI will have the root volume encrypted.