Aug 8, 2018
To best way to list all encrypted or non-encrypted EBS volumes is using the aws-cli with the ec2 describe-volumes option.
To list all non-encrypted volumes we can use the following filters:
aws ec2 describe-volumes --filters Name=encrypted,Values=false
That will return all non-ecrypted volumes, however we can add more filters to make it more specific:
aws ec2 describe-volumes --filters Name=encrypted,Values=false Name=attachment.status,Values=attached
Now we have only attached volumes, but it’s returning to much information, we can make it more clean using the ‘–query’ option:
aws ec2 describe-volumes --filters Name=encrypted,Values=false Name=attachment.status,Values=attached --query 'Volumes[*].Attachments[*].{Volume:VolumeId,Instance:InstanceId}'
Now the output is all volume and instance IDs.