2021-05-20 06:11:50 +00:00
|
|
|
import boto3
|
|
|
|
|
2024-01-07 12:03:33 +00:00
|
|
|
from moto import mock_aws
|
2021-05-20 06:11:50 +00:00
|
|
|
from tests import EXAMPLE_AMI_ID
|
|
|
|
|
|
|
|
|
2024-01-07 12:03:33 +00:00
|
|
|
@mock_aws
|
2021-05-20 06:11:50 +00:00
|
|
|
def test_run_instance_with_encrypted_ebs():
|
|
|
|
kms = boto3.client("kms", region_name="us-east-1")
|
|
|
|
resp = kms.create_key(Description="my key", KeyUsage="ENCRYPT_DECRYPT")
|
|
|
|
key_id = resp["KeyMetadata"]["Arn"]
|
|
|
|
ec2 = boto3.client("ec2", region_name="us-east-1")
|
2022-05-26 16:04:36 +00:00
|
|
|
key_name = "keypair_name"
|
|
|
|
ec2.create_key_pair(KeyName=key_name)
|
|
|
|
|
2021-05-20 06:11:50 +00:00
|
|
|
kwargs = {
|
|
|
|
"MinCount": 1,
|
|
|
|
"MaxCount": 1,
|
|
|
|
"ImageId": EXAMPLE_AMI_ID,
|
|
|
|
"KeyName": "the_key",
|
|
|
|
"InstanceType": "t1.micro",
|
|
|
|
"BlockDeviceMappings": [
|
|
|
|
{
|
|
|
|
"DeviceName": "/dev/sda2",
|
|
|
|
"Ebs": {
|
|
|
|
"VolumeSize": 50,
|
|
|
|
"VolumeType": "gp2",
|
|
|
|
"Encrypted": True,
|
|
|
|
"KmsKeyId": key_id,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
],
|
|
|
|
}
|
2021-10-05 17:11:07 +00:00
|
|
|
instance = ec2.run_instances(**kwargs)
|
|
|
|
instance_id = instance["Instances"][0]["InstanceId"]
|
2021-05-20 06:11:50 +00:00
|
|
|
|
2021-10-05 17:11:07 +00:00
|
|
|
instances = (
|
|
|
|
ec2.describe_instances(InstanceIds=[instance_id])
|
|
|
|
.get("Reservations")[0]
|
|
|
|
.get("Instances")
|
|
|
|
)
|
2021-05-20 06:11:50 +00:00
|
|
|
volume = instances[0]["BlockDeviceMappings"][0]["Ebs"]
|
|
|
|
|
|
|
|
volumes = ec2.describe_volumes(VolumeIds=[volume["VolumeId"]])
|
2023-07-17 09:31:05 +00:00
|
|
|
assert volumes["Volumes"][0]["Size"] == 50
|
|
|
|
assert volumes["Volumes"][0]["Encrypted"] is True
|
|
|
|
assert volumes["Volumes"][0]["KmsKeyId"] == key_id
|