Attention: this is the key used to sign the certificate requests, anyone holding this can sign certificates on your behalf. So keep it in a safe place!
openssl genrsa -des3 -out rootCA.key 4096
resource "aws_ami_copy" "ubuntu-18_04-encrypted" { | |
name = "${data.aws_ami.ubuntu-18_04.name}-encrypted" | |
description = "${data.aws_ami.ubuntu-18_04.description} (encrypted)" | |
source_ami_id = "${data.aws_ami.ubuntu-18_04.id}" | |
source_ami_region = "${var.region}" | |
encrypted = true | |
tags { | |
ImageType = "encrypted-ubuntu-18_04" | |
} |