mirror of https://github.com/trailofbits/algo
EC2: Enable EBS single step encryption by default (#1556)
* EC2: EBS single step encryption by default * return back the encryption variablepull/1565/head
parent
3c30074a7f
commit
95eddccfb7
@ -1,29 +0,0 @@
|
||||
---
|
||||
- name: Check if the encrypted image already exist
|
||||
ec2_ami_facts:
|
||||
aws_access_key: "{{ access_key }}"
|
||||
aws_secret_key: "{{ secret_key }}"
|
||||
owners: self
|
||||
region: "{{ algo_region }}"
|
||||
filters:
|
||||
state: available
|
||||
"tag:Algo": encrypted
|
||||
"tag:image": "{{ cloud_providers.ec2.image.name }}"
|
||||
register: search_crypt
|
||||
|
||||
- name: Copy to an encrypted image
|
||||
ec2_ami_copy:
|
||||
aws_access_key: "{{ access_key }}"
|
||||
aws_secret_key: "{{ secret_key }}"
|
||||
encrypted: yes
|
||||
name: "algo/{{ cloud_providers.ec2.image.name }}"
|
||||
kms_key_id: "{{ kms_key_id | default(omit) }}"
|
||||
region: "{{ algo_region }}"
|
||||
source_image_id: "{{ (ami_search.images | sort(attribute='creation_date') | last)['image_id'] }}"
|
||||
source_region: "{{ algo_region }}"
|
||||
wait: true
|
||||
tags:
|
||||
Algo: "encrypted"
|
||||
image: "{{ cloud_providers.ec2.image.name }}"
|
||||
register: ami_search_encrypted
|
||||
when: search_crypt.images|length|int == 0
|
Loading…
Reference in New Issue