Step 6. Enable Encryption

[This step applies only if you have selected the Restore to new location, or with different settings option at the Restore Mode step of the wizard]

At the Encryption step of the wizard, choose whether the restored EBS volumes of the processed EC2 instance must be encrypted with AWS KMS keys:

  • If you do not want to encrypt the EBS volumes or want to apply the existing encryption scheme, select the Use original encryption scheme option.
  • If you want to encrypt the EBS volumes, select the Restore as encrypted instance option and choose the necessary KMS key from the Encryption key list.

For a KMS key to be displayed in the list of available encryption keys, it must be stored in the AWS Region selected at step 5 and the IAM role specified for the restore operation must have permissions to the key. For more information on KMS keys, see AWS Documentation.

Restoring Entire EC2 Instance