ebs encryption SCP with basic doc added

README.md

@@ -15,8 +15,10 @@ A repository of community generated Service control policies (SCPs) and referenc
 
 - [prevent-deletion-of-service-resources](prevent-deletion-of-service-resources.policy) - Protect various organizational roles and resources curated for service and governance related purposes. 
 
+- [ec2-encrypt-ebs] (ec2-encrypt-ebs.policy) - Set enforces setting where ebs volumes are encrypted by default - to set default for account use cli command (aws ec2 enable-ebs-encryption-by-default) Not setting up a default encryption will generate a difficult to understand error.
+
 ## Reference Links
 
 - [Service Control Policies](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html) - AWS Organizations - Service Control Policies Documentation
 
-- [Example Control Policies](https://github.com/awsdocs/aws-organizations-docs/blob/master/doc_source/orgs_manage_policies_example-scps.md) 
+- [Example Control Policies](https://github.com/awsdocs/aws-organizations-docs/blob/master/doc_source/orgs_manage_policies_example-scps.md) 

ec2-encreypt-ebs.policy

@@ -0,0 +1,20 @@
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "Require EC2 Encryption",
+            "Effect": "Deny",
+            "Action": [
+                "ec2:RunInstances"
+            ],
+            "Condition": {
+                "Bool": {
+                    "ec2:Encrypted": "false"
+                }
+            },
+            "Resource": [
+                "*"
+            ]
+        }
+    ]
+}