How to create or initiate an AWS managed keys
At "AWS console > KMS > AWS managed keys", I see "aws/ebs" under some regions and some regions do not have AWS managed "aws/ebs" key. I understand that we can create "Customer managed keys". But how can I create or initiate an aws managed key so that I've "aws/ebs" on all the regions I wanted?
aws/ebs is an AWS managed key. It's created automatically in any region where you create an EBS volume with AWS managed keys.
You can also create your own Customer Managed Key (CMK) in any region and tell EBS to use that key for encryption. The main difference is you can set the KMS key policy however you want it, to lock down administration and use, and you're charged $1 / month / backing key. You're not charged the $1/month for AWS managed keys, but you're charged key usage regardless of who manages the key.