- Launch a SoftNAS AMI from the Community or Market Place as you normally would
- Next, ssh into the instance and delete this file --> /etc/udev/rules.d/70-persistent-net.rules
- Next, Shutdown the instance
- Detach current root volume
- Create a snapshot of the detached root volume
- Create a new volume from the snapshot with "Encryption" enabled. NOTE: be sure to select the same AZ your instance in on and check the Encryption button! then select the default master key ((default) aws/ebs)
- Attach the newly created root Volume with EBS encryption to the instance as /dev/sda1
- Create AMI image of the instance (named something like Encrypted SoftNAS AMI)
- After creating the new AMI is done, create a new instance with the "Encrypted SoftNAS AMI"
Now any instances created with this AMI will have the root volume encrypted.