This is a hassle-free guide to share AWS Encrypted RDS across two different AWS accounts within 7 easy steps.
Overview
Login to the Source Account, Create a snapshot from RDS.
Creating KMS Key (with details of the destination account)
After the snapshot is created, Create a new copy of the snapshot & attach the KMS key.
Share the newly created snapshot to the destination account.
-
Log in to the **Destination Account, **head over to **Shared with me **snapshots, and create a new copy of the snapshot.
- Restore the copied Snapshot into a new RDS Instance.
Changes at the Source Account
1. Create Snapshot
Log in to the source AWS Account which contains the source Database and create a snapshot from it.
Cannot share an Encrypted Snapshot straight away.
Click on Share Snapshot, we can see that we cannot directly share the snapshot. For that, we have the KMS key to the rescue.
2. Create KMS Key
Open Key Management Service (KMS)
Create a Symmetric key, and add a label along with permission.
Enter the AWS Account ID and save the KMS key.
3. Create a Copy of the Snapshot
Once the snapshot is created, Select Snapshot, Click Actions > Copy Snapshot
Provide a name & select the newly create KMS key under the Master key
3. Share Snapshot with Destination account
Once the Copy of the snapshot is created, click on Actions > Share snapshot
Provide the AWS Account key and click Save.
Changes at the Destination Account
1. Import the Shared snapshot
Snapshot which we have shared from the source account will be available in the Shared with me tab under the snapshot window for AWS RDS.
Create a Copy of Snapshot click on Actions > Copy snapshot
2. Restore the Shared snapshot into RDS
Once the Copy of the share snapshot is created we can Restore the snapshot.
Select the Snapshot, Click on Actions > Restore Snapshot
Provide the Details for the new RDS instance and there we go!!.
“if you found this article useful, feel free to show some ❤️ and click on ❤️ many times or share it with your friends. Also follow us for more DevOps content”
Top comments (0)