AMI's not Encrypted

Encrypting your Amazon Machine Images (AMI) ensures staying compliant with NIST, HIPPA, GDPR & PCI-DSS frameworks in relation to encryption of data at rest. Having all data encrypted at rest is considered a security best practice and should be implemented where ever possible. By having a full inventory of all your AMIs in all regions as well as accounts can alleviate unforeseen issues when being audited for compliance.

Audit & Remediation



  • Select the AMI that needs to be verified and under Details tab copy the Snapshot ID from the Block Devices.



  • Scroll down the left navigation panel and choose Snapshots under Elastic Block Store.



  • Click inside the Filter by tags and attributes or search by keyword and from the dropdown menu choose Snapshot ID and paste the Snapshot ID.
  • Select the snapshot and look in the Details tab at the Encryption.



  • If the Encryption states Not Encrypted then the AMI is not Encrypted at rest.
  • Navigate back to Images and select AMIs on the left hand menu.
  • Select the AMI then select the Actions button and choose Copy AMI.



  • In the Copy AMI, dialog box select the Destination region from the dropdown menu and click on the Encryption checkbox to Encrypt target EBS snapshots and choose the Master Key from the dropdown and click on the Copy AMI button.



  • the new AMI is now being created.



  • Once the AMI creation has completed, you can remove the old AMI as the new Encrypted AMI should now be used.
  • Repeat all step in each region to ensure all AMIs are encrypted at rest.
See all certificates in a single place!

Do you want to see all of your ACM certificates in once place for all regions and all accounts?
Login to our online demo to see exactly what this looks like.


Other Key Features


Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.

learn more +