During a security audit, the security team at DataSolutions found unencrypted EBS volumes on their thousands of EC2 instances, violating company policy, and they need an automated solution to encrypt existing volumes and prevent developers from creating new unencrypted ones. Which solution will meet these requirements?