Problem
When creating a new AMI in AWS using Konvoy image builder, you may run into the following error:
--> centos-7.9: Error modify snapshot attributes: OperationNotPermitted:
Encrypted snapshots with EBS default key cannot be shared status code: 400
This error is related to the default settings for the AWS region you are attempting to create the AMI in.
Solution
There are a few different ways that you can approach resolving this error. You can turn off encryption for the EBS volume; though if you desire to have some form of encryption on your EBS volume, then you can follow the steps below to set a new default key:
1. Open the EC2 Dashboard to the region you are trying to create the AMI in: https://console.aws.amazon.com/console/home
2. Click on 'EBS Encryption' to open the encryption dashboard and click manage.
3. Either disable encryption by default, or specify a new default encryption key. Once these settings are changed, the default AMIs created by Konvoy Image Builder will either not be encrypted or encrypted with the new default key.