This is a hassle-free guide to share AWS Encrypted RDS across two different AWS accounts within 7 easy steps.
Login to the Source Account, Create a snapshot from RDS.
Creating KMS Key (with details of the destination account)
After the snapshot is created, Create a new copy of the snapshot & attach the KMS key.
Share the newly created snapshot to the destination account.
Log in to the **Destination Account, **head over to **Shared with me **snapshots, and create a new copy of the snapshot.
- Restore the copied Snapshot into a new RDS Instance.
Log in to the source AWS Account which contains the source Database and create a snapshot from it.
Cannot share an Encrypted Snapshot straight away.
Click on Share Snapshot, we can see that we cannot directly share the snapshot. For that, we have the KMS key to the rescue.
Open Key Management Service (KMS)
Create a Symmetric key, and add a label along with permission.
Enter the AWS Account ID and save the KMS key.
Once the snapshot is created, Select Snapshot, Click Actions > Copy Snapshot
Provide a name & select the newly create KMS key under the Master key
Once the Copy of the snapshot is created, click on Actions > Share snapshot
Provide the AWS Account key and click Save.
Snapshot which we have shared from the source account will be available in the Shared with me tab under the snapshot window for AWS RDS.
Create a Copy of Snapshot click on Actions > Copy snapshot
Once the Copy of the share snapshot is created we can Restore the snapshot.
Select the Snapshot, Click on Actions > Restore Snapshot
Provide the Details for the new RDS instance and there we go!!.