From 9c2a86c64ca8fd9769cd2da5f021854ccd483565 Mon Sep 17 00:00:00 2001
From: Jack Ivanov <e601809@gmail.com>
Date: Thu, 28 Jun 2018 13:57:03 +0300
Subject: [PATCH] Enable EC2 volume encryption by default

---
 config.cfg                        | 1 +
 roles/cloud-ec2/defaults/main.yml | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/config.cfg b/config.cfg
index b6f97bb5..c8d6649c 100644
--- a/config.cfg
+++ b/config.cfg
@@ -95,6 +95,7 @@ cloud_providers:
     size: s-1vcpu-1gb
     image: "ubuntu-18-04-x64"
   ec2:
+    encrypted: true
     size: t2.micro
     image:
       name: "ubuntu-bionic-18.04"
diff --git a/roles/cloud-ec2/defaults/main.yml b/roles/cloud-ec2/defaults/main.yml
index 7cba6223..8060eb72 100644
--- a/roles/cloud-ec2/defaults/main.yml
+++ b/roles/cloud-ec2/defaults/main.yml
@@ -1,6 +1,6 @@
 ---
 ami_search_encrypted: omit
-encrypted: false
+encrypted: "{{ cloud_providers.ec2.encrypted }}"
 ec2_vpc_nets:
   cidr_block: 172.16.0.0/16
   subnet_cidr: 172.16.254.0/23