We have a requirement for encryption at rest for everything we deploy in AWS, including on the root volumes for HipChat Datacenter EC2 instances. Boot/root volume encryption is typically accomplished in EC2 by creating or copying an AMI and encrypting it with your KMS key, then creating an instance from that encrypted AMI.
All of the guides and documentation I've seen so far have pointed toward using Atlassian-provided AMIs for HipChat Datacenter in AWS. These AMIs and their underlying snapshots appear to be set to not allow copying, which is the default. As a result, there's no way to copy them and encrypt them.
Does anyone have a workaround for encrypting the root volumes of HipChat Datacenter EC2 instances? Alternatively, the maintainers of the AMIs could consider opening up the permissions on the snapshots backing the AMIs to allow them to be copied.
Over the next several weeks we'll be sharing some of our Getting Started guides here in the community. Throughout this series of posts, we'd love to hear from customers and non-customers ab...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs