Encrypting EBS volumes ensures that replicated copies of your images are secure even if they are accidentally exposed. AWS EBS encryption uses AWS KMS customer master keys (CMK) when creating encrypted volumes and snapshots. Storing EBS volumes in their encrypted state reduces the risk of data exposure or data loss. We recommend you encrypt all data stored in the EBS.
Fix - Runtime
AWS Console
To change the policy using the AWS Console, follow these steps: