New Skills

New Training: Create Encrypted Root Volume AMI

by Team Nuggets
New Training: Plan for Protective Controls at AWS picture: A
Published on March 3, 2021

In this 5-video skill, CBT Nuggets trainer Bart Castle teaches you how to work with encrypted EBS-backed Amazon Machine Images (AMIs). Learn how to encrypt an existing EBS-backed root volume and how to create an AMI from that volume. Gain an understanding of encryption and the limitations of EBS root-volume encryption. Watch this new AWS training.

Learn AWS with one of these courses:

This training includes:

  • 5 videos

  • 19 minutes of training

You’ll learn these topics in this skill:

  • EBS Encryption: Root Volume

  • Encrypted EBS Root Volume: Prereqs

  • Encrypted EBS Root Volume: Creating an Image

  • Encrypted EBS Root Volume: Encrypting the Image

  • Encrypted EBS Root Volume: Testing

What is an Amazon Machine Image (AMI)?

One of the most powerful features of AMIs is their pre-configured instances. These pre-configured images let IT professionals launch things like EC2 instances much more quickly. For instance, an AMI might come preconfigured for everything needed to run a LAMP stack. By using this AMI, developers don't need to install Apache, MySql, or PHP. Likewise, things like the services and firewalls are already configured. Developers only need to worry about fine-detail configurations.

AMIs aren't only for AWS pre-configured images, though. Organizations can create their own images as well. With AMI, you can launch multiple instances with the same image, as long as the configuration for both is the same. An AMI can include a combination of the following:

Amazon Elastic Block Store (EBS) snapshots, or a template for the root volume of an instance in the case of instance-store-backed AMIs.

A set of launch permissions, which determine which AWS accounts can access both the AMI and the instances that it launches.

A block device mapping, which lists the volumes that will get attached to the instance after it launches.

You can make AMIs private so that no one else can use them. You can also share it with other AWS accounts or make it public so that the entire AWS community can use it. You can even buy and sell AMIs.

Recommended Articles