{"id":29342854,"url":"https://github.com/jbrt/ec2cryptomatic-serverless","last_synced_at":"2025-07-08T11:08:03.595Z","repository":{"id":41416640,"uuid":"169992967","full_name":"jbrt/ec2cryptomatic-serverless","owner":"jbrt","description":"Encrypt EBS volumes from AWS EC2 instances with a serverless StepFunctions machine","archived":false,"fork":false,"pushed_at":"2020-08-15T11:49:44.000Z","size":96,"stargazers_count":6,"open_issues_count":0,"forks_count":4,"subscribers_count":3,"default_branch":"master","last_synced_at":"2023-05-23T07:32:49.673Z","etag":null,"topics":["aws","ebs","ebs-snapshots","ebs-volumes","lambda-layer","python3","serverless","snapshot","step-functions"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jbrt.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-02-10T15:30:35.000Z","updated_at":"2022-07-01T14:51:54.000Z","dependencies_parsed_at":"2022-08-28T13:00:15.032Z","dependency_job_id":null,"html_url":"https://github.com/jbrt/ec2cryptomatic-serverless","commit_stats":null,"previous_names":[],"tags_count":null,"template":null,"template_full_name":null,"purl":"pkg:github/jbrt/ec2cryptomatic-serverless","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jbrt%2Fec2cryptomatic-serverless","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jbrt%2Fec2cryptomatic-serverless/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jbrt%2Fec2cryptomatic-serverless/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jbrt%2Fec2cryptomatic-serverless/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jbrt","download_url":"https://codeload.github.com/jbrt/ec2cryptomatic-serverless/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jbrt%2Fec2cryptomatic-serverless/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264257674,"owners_count":23580469,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","ebs","ebs-snapshots","ebs-volumes","lambda-layer","python3","serverless","snapshot","step-functions"],"created_at":"2025-07-08T11:07:58.930Z","updated_at":"2025-07-08T11:08:03.582Z","avatar_url":"https://github.com/jbrt.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# EC2Cryptomatic (server-less version)\n\nEncrypt EBS volumes from AWS EC2 instances with a serverless StepFunctions machine.\nThis project is a server-less version of the EC2Cryptomatic tool (http://www.github.com.jbrt/ec2cryptomatic).\n\n**Non-serverless version of EC2Cryptomatic can encrypt larger EBS volumes.** \nIf you need to encrypt large volumes please use the non-serverless version.\n\n## Description\n\nThis tool let you :\n- Encrypt all the EBS volumes for an instance\n- Duplicate all the source tags to the target\n- Apply DeleteOnTermination flag if needs\n- Preserve the original volume or not as an option \n- Start each instance after encrypting is complete\n\nFor your information, the workflow used to encrypt a EBS volume is:\n- Take a snapshot from the original volume\n- Copy and encrypt that snapshot\n- Create a new volume from that encrypted snapshot\n- Swap the volumes\n- Do some cleaning\n\nAll logs will be sent to CloudWatch Logs.\n\n## How it works ?\n\nThis version of the ec2cryptomatic tool used Lambda functions and a Step \nFunctions machine for encrypting volumes.\n\n ![stepfunctions](state-machine.png)\n\n## How deploy it ?\n\nThis project embedded a Terraform template that let you deploy the state \nmachine into your AWS account.\n\nPlease download the terraform tool from http://www.terraform.io and then\nuse these commands into the terraform directory of this project:\n\n````bash\nterraform init\nterraform plan\nterraform apply\n````\n\n## How to run the Step-Functions machine ?\n\nGo into your Step-functions console, click on EC2Cryptomatic-state-machine.\nThen click on \"Start Execution\":\n\n![startexecution](start-execution.png)\n\nFinally, you can use this JSON structure as input parameters:\n\n```json\n{\n    \"region\": \"eu-west-1\",\n    \"instance_id\": \"i-069131dace36da0f7\",\n    \"kms_key\": \"alias/aws/ebs\",\n    \"delete_source\": true\n}\n```\n\nYou can also use the AWS CLI for starting the machine :\n\n````bash\naws stepfunctions start-execution --state-machine-arn \u003cvalue\u003e\n                                  [--name \u003cvalue\u003e]\n                                  [--input \u003cvalue\u003e]\n                                  [--cli-input-json \u003cvalue\u003e]\n                                  [--generate-cli-skeleton \u003cvalue\u003e]\n````\n\n## License\n\nThis project is under MIT license.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjbrt%2Fec2cryptomatic-serverless","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjbrt%2Fec2cryptomatic-serverless","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjbrt%2Fec2cryptomatic-serverless/lists"}