From dd22edefb19559801c5656af0b84e0fbd89848a0 Mon Sep 17 00:00:00 2001
From: eric straavaldsen
Date: Wed, 28 Aug 2019 10:25:42 -0500
Subject: [PATCH 1/3] ebs encryption SCP with basic doc added
---
 README.md | 4 +++-
 ec2-encreypt-ebs.policy | 20 ++++++++++++++++++++
 2 files changed, 23 insertions(+), 1 deletion(-)
 create mode 100644 ec2-encreypt-ebs.policy
diff --git a/README.md b/README.md
index 4a00cc3..0b4b0ac 100644
--- a/README.md
+++ b/README.md
@@ -15,8 +15,10 @@ A repository of community generated Service control policies (SCPs) and referenc
 - [prevent-deletion-of-service-resources](prevent-deletion-of-service-resources.policy) - Protect various organizational roles and resources curated for service and governance related purposes.
+- [ec2-encrypt-ebs] (ec2-encrypt-ebs.policy) - Set enforces setting where ebs volumes are encrypted by default - to set default for account use cli command (aws ec2 enable-ebs-encryption-by-default) Not setting up a default encryption will generate a difficult to understand error.
+
 ## Reference Links
 - [Service Control Policies](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html) - AWS Organizations - Service Control Policies Documentation
-- [Example Control Policies](https://github.com/awsdocs/aws-organizations-docs/blob/master/doc_source/orgs_manage_policies_example-scps.md)
\ No newline at end of file
+- [Example Control Policies](https://github.com/awsdocs/aws-organizations-docs/blob/master/doc_source/orgs_manage_policies_example-scps.md)
diff --git a/ec2-encreypt-ebs.policy b/ec2-encreypt-ebs.policy
new file mode 100644
index 0000000..b2b45ea
--- /dev/null
+++ b/ec2-encreypt-ebs.policy
@@ -0,0 +1,20 @@
+{
+ "Version": "2012-10-17",
+ "Statement": [
+ {
+ "Sid": "Require EC2 Encryption",
+ "Effect": "Deny",
+ "Action": [
+ "ec2:RunInstances"
+ ],
+ "Condition": {
+ "Bool": {
+ "ec2:Encrypted": "false"
+ }
+ },
+ "Resource": [
+ "*"
+ ]
+ }
+ ]
+}
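Review bot: `"Resource": ["*"]` in the new policy hides what the Deny actually matches, because `ec2:Encrypted` is only populated for the volume ARNs of a RunInstances request and the statement silently never applies to the instance, image, subnet and other resources in the same call; scoping it the way AWS's documented example does, `"Resource": ["arn:aws:ec2:*:*:volume/*"]`, makes that explicit. As written the control only covers volumes created at launch, so an unencrypted volume can still be created with CreateVolume and attached afterwards; `ec2:Encrypted` is also a condition key for that action, so `"Action": ["ec2:RunInstances", "ec2:CreateVolume"]` closes the gap once the Resource is scoped to volumes (confirm against the current EC2 condition-key reference). The Sid contains spaces, and IAM's Sid grammar allows only alphanumerics; if Organizations applies the same validation the policy will be rejected, so `"Sid": "RequireEC2Encryption"` is the safe form either way. Note that the README wording "enforces setting where ebs volumes are encrypted by default" overstates what this does: the SCP does not enable the account-level default, it denies launches whose volumes come out unencrypted, which is exactly why launching without that default set fails with an explicit-deny error.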
From c51157f818e34649abd56e3a222796c6c1e76896 Mon Sep 17 00:00:00 2001
From: eric straavaldsen
Date: Wed, 28 Aug 2019 10:30:57 -0500
Subject: [PATCH 2/3] ebs encryption SCP with basic doc markup fixed
---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 0b4b0ac..cc19de7 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# AWS Organizations Service Control Policies
+# AWS Organizations Service Control Policies
 ---
 ## Description
@@ -15,7 +15,7 @@ A repository of community generated Service control policies (SCPs) and referenc
 - [prevent-deletion-of-service-resources](prevent-deletion-of-service-resources.policy) - Protect various organizational roles and resources curated for service and governance related purposes.
-- [ec2-encrypt-ebs] (ec2-encrypt-ebs.policy) - Set enforces setting where ebs volumes are encrypted by default - to set default for account use cli command (aws ec2 enable-ebs-encryption-by-default) Not setting up a default encryption will generate a difficult to understand error.
+- [ec2-encrypt-ebs](ec2-encrypt-ebs.policy) - Set enforces setting where ebs volumes are encrypted by default - to set default for account use cli command: aws ec2 enable-ebs-encryption-by-default Not setting up a default encryption will generate a difficult to understand error.
 ## Reference Links
From fcab2ba4080612d588f5c87fa7627a9c38a0bcfa Mon Sep 17 00:00:00 2001
From: eric straavaldsen
Date: Wed, 28 Aug 2019 10:58:20 -0500
Subject: [PATCH 3/3] learning how to successfully type encrypt
---
 ec2-encreypt-ebs.policy => ec2-encrypt-ebs.policy | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename ec2-encreypt-ebs.policy => ec2-encrypt-ebs.policy (100%)
diff --git a/ec2-encreypt-ebs.policy b/ec2-encrypt-ebs.policy
similarity index 100%
rename from ec2-encreypt-ebs.policy
rename to ec2-encrypt-ebs.policy