How can I get a list of encrypted disks for instances that are running on the AWS CLI?

There is a great question here about how to get a list of encrypted disks. I'm currently using the describe-volumes command.

For the record I'm currently using:

aws ec2 describe-volumes --region us-east-1 --filters Name=encrypted,Values=false Name=attachment.status,Values=attached --query "length(Volumes[])"

What I want is to filter that down further to just the instances that are running. (ie exclude the ones that are stopped).

My question is: How can I get a list of encrypted disks for instances that are running on the AWS CLI?

Here is what I ended up using. Enjoy.

for instance in $instances;
do
  count=`aws ec2 describe-volumes --filters Name=attachment.status,Values=attached Name=attachment.instance-id,Values=$instance --query "Volumes[]"  | jq  -r '. | length';`
  name=`aws ec2 describe-tags --filters Name=resource-id,Values=$instance Name=key,Values=Name --query Tags[].Value | jq -r '.[0]'`
  if [ $count -gt 0 ]; then
    START=0
    END=$count
    for ((i=START; i<END; i++))
    do
       #echo "i: $i"
       encrypted=`aws ec2 describe-volumes --filters Name=attachment.status,Values=attached Name=attachment.instance-id,Values=$instance --query "Volumes[]"  | jq  -r ".[$i].Encrypted";`
       volumeid=`aws ec2 describe-volumes --filters Name=attachment.status,Values=attached Name=attachment.instance-id,Values=$instance --query "Volumes[]"  | jq  -r ".[$i].VolumeId";`
       echo "$instance $name Volumes: $count VolumeId: $volumeid Encrypted: $encrypted "
    done
  fi
done

StackExchange DevOps Q#1186, answer score: 2