encrypted-copy - Kubernetes Cluster API Provider AWS

clusterawsadm ami encrypted-copy

Encrypt and copy AMI snapshot, then create an AMI with that snapshot

Synopsis

Find the AMI based on Kubernetes version, OS, region in the AWS account where AMIs are stored. Encrypt and copy the snapshot of the AMI to the current AWS account. Create an AMI with that snapshot.

clusterawsadm ami encrypted-copy [flags]

Examples

  # Create an encrypted AMI:
  # Available os options: centos-7, ubuntu-24.04, ubuntu-22.04, amazon-2, flatcar-stable
  clusterawsadm ami encrypted-copy --kubernetes-version=v1.18.12 --os=ubuntu-20.04  --region=us-west-2
  
  # owner-id and dry-run flags are optional. region can be set via flag or env
  clusterawsadm ami encrypted-copy --os centos-7 --kubernetes-version=v1.19.4 --owner-id=111111111111 --dry-run
  
  # copy from us-east-1 to us-east-2
  clusterawsadm ami encrypted-copy --os centos-7 --kubernetes-version=v1.19.4 --owner-id=111111111111 --region us-east-2 --source-region us-east-1
  
  # Encrypt using a non-default KmsKeyId specified using Key ID:
  clusterawsadm ami encrypted-copy --os centos-7 --kubernetes-version=v1.19.4 --kms-key-id=key/1234abcd-12ab-34cd-56ef-1234567890ab
  
  # Encrypt using a non-default KmsKeyId specified using Key alias:
  clusterawsadm ami encrypted-copy --os centos-7 --kubernetes-version=v1.19.4 --kms-key-id=alias/ExampleAlias
  
  # Encrypt using a non-default KmsKeyId specified using Key ARN:
  clusterawsadm ami encrypted-copy --os centos-7 --kubernetes-version=v1.19.4 --kms-key-id=arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef
  
  # Encrypt using a non-default KmsKeyId specified using Alias ARN:
  clusterawsadm ami encrypted-copy --os centos-7 --kubernetes-version=v1.19.4 --kms-key-id=arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias

Options

      --dry-run                     Check if AMI exists and can be copied
  -h, --help                        help for encrypted-copy
      --kms-key-id string           The ID of the KMS key for Amazon EBS encryption
      --kubernetes-version string   Kubernetes version of the AMI to be copied
      --os string                   Operating system of the AMI to be copied
      --owner-id string             The source AWS owner ID, where the AMI will be copied from (default "819546954734")
      --region string               The AWS region in which to provision
      --source-region string        Set if wanting to copy an AMI from a different region

Options inherited from parent commands

  -v, --v int   Set the log level verbosity. (default 2)

SEE ALSO

clusterawsadm ami - AMI commands

Auto generated by spf13/cobra on 12-Nov-2024