Anyone know on EKS if there is a straightforward way to default to encrypted volumes? The only thing I've found so far is creating a copy of the EKS ami and then setting that through the launch template. I haven't gotten that working yet, and it seems like there would be a better route for what I imagine is a pretty common requirement.
12/24/2020, 6:58 AM
You need to create a new storage class and set a KMS key on it, then when you create a new workload with a deployment or stateful set, use that storage class