Snapshots

#awschallenge #database #cloud

🔁 RDS Snapshot Replication Across AWS Regions

🧠 Inspiration

In real-world applications, ensuring disaster recovery and high availability across regions is a top priority. I wanted to explore how Amazon RDS Snapshots can be used to replicate database state across AWS regions, and how to do it completely using CLI and infrastructure best practices.

🛠 What I Built

I built a working solution that:

Creates a manual snapshot of a running RDS MySQL instance
Copies that snapshot securely to another AWS region using CLI
Restores the snapshot as a brand-new RDS instance in the target region
Configures EC2 to securely connect to the restored DB instance for verification

This project mimics real-world cross-region disaster recovery, entirely using AWS CLI and IAM best practices.

🧩 How It Works

✅ RDS Snapshot: I initiated a manual snapshot of my running MySQL database in eu-west-1.
🔐 Cross-Region Copy: I securely copied the snapshot to us-east-1, providing the right KMS key and permissions.
🔁 Restoration: The snapshot was restored as a new database in the destination region.
🔓 Security Group Linking: I configured the database's SG to only allow port 3306 from my EC2 instance — a critical security and connectivity setup.
🔌 Testing: I used EC2 to connect to the new database using MySQL CLI and verified everything worked.

🔍 Challenges I Faced

❌ Cross-region encryption: Required specifying a new KMS key.
⛔ IAM Denial: A Service Control Policy (SCP) was explicitly denying the snapshot copy action.
⚠️ Connectivity issues: Even with "All traffic" allowed, the DB was unreachable until I restricted access only to port 3306.
🔐 Understanding SSH & IAM policies: Took time to troubleshoot security-related errors cleanly.