AWS offers a database service called RDS (Relational Database Service). In AWS we can create a snapshot of an existing database and restore it to create a new database. Sharing the snapshot with a different AWS account, however, takes a short extra procedure. This article shows how to share an RDS snapshot from one AWS account with another AWS account.
- Log in to the AWS account that contains your RDS database.
- Go to RDS, open Snapshots and click the Automated section, where you can see your RDS snapshot.
- Select the snapshot you want to share and click Actions.
- As you can see in the picture below, you are not able to click the Share snapshot button.
- If you want to share your snapshot with another account, you need to create a KMS key that grants some permissions to the other AWS account.
Creating KMS Key
- Let’s call this account Account A and the other account Account B.
- Now we are going to create a KMS key and add the IAM user of Account A, because we have to give our user full authority over the KMS key.
- Go to KMS, click the Customer managed keys section, then click the Create key button.
Leave the options on the first page at their defaults, as in the picture below. Click Next.
Enter an alias for your KMS key, give it a description and click Next.
Now add the IAM users that will administer the KMS key we are creating, enable the Allow key administrators to delete this key option, and then click Next.
Now click Add another AWS account.
Add Account B’s account ID, as in the screenshot below. Then click the Next button.
And finally click Finish to complete the creation of the KMS key.
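The key policy those console steps amount to, shown as an added Python example that is not from the original article or from AWS, together with a check that lists which principals outside Account A the policy admits. The statement layout is modelled on the KMS console's default key policy and is an assumption; the account IDs and user name passed in are whatever you supply.

```python
# Actions for principals that use the key for encryption and decryption.
USE_ACTIONS = ["kms:Encrypt", "kms:Decrypt", "kms:ReEncrypt*",
               "kms:GenerateDataKey*", "kms:DescribeKey"]
# Grant management, which RDS needs to use the key on a principal's behalf.
GRANT_ACTIONS = ["kms:CreateGrant", "kms:ListGrants", "kms:RevokeGrant"]
# Administration, including deletion (the option enabled in the console step).
ADMIN_ACTIONS = ["kms:Create*", "kms:Describe*", "kms:Enable*", "kms:List*", "kms:Put*",
                 "kms:Update*", "kms:Revoke*", "kms:Disable*", "kms:Get*", "kms:Delete*",
                 "kms:TagResource", "kms:UntagResource",
                 "kms:ScheduleKeyDeletion", "kms:CancelKeyDeletion"]


def _allow(sid, principals, actions, condition=None):
    stmt = {"Sid": sid, "Effect": "Allow", "Principal": {"AWS": principals},
            "Action": actions, "Resource": "*"}
    if condition:
        stmt["Condition"] = condition
    return stmt


def build_key_policy(account_a, admin_user, account_b):
    """Key policy for a key owned by account_a whose snapshots go to account_b."""
    root_a = f"arn:aws:iam::{account_a}:root"
    admin = f"arn:aws:iam::{account_a}:user/{admin_user}"
    users = [admin, f"arn:aws:iam::{account_b}:root"]
    aws_only = {"Bool": {"kms:GrantIsForAWSResource": "true"}}
    return {"Version": "2012-10-17", "Statement": [
        _allow("EnableIAMPolicies", root_a, "kms:*"),
        _allow("KeyAdministrators", admin, ADMIN_ACTIONS),
        _allow("KeyUsers", users, USE_ACTIONS),
        _allow("GrantsForAWSResources", users, GRANT_ACTIONS, aws_only)]}


def cross_account_access(policy, owner_account):
    """Map every principal outside owner_account to the actions it is allowed."""
    found = {}
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        arns = "*" if principal == "*" else principal.get("AWS", [])
        arns = [arns] if isinstance(arns, str) else arns
        actions = stmt["Action"]
        actions = [actions] if isinstance(actions, str) else actions
        for arn in arns:
            account = arn.split(":")[4] if arn.startswith("arn:") else arn  # ARN field 4
            if account != owner_account:
                found.setdefault(arn, set()).update(actions)
    return {arn: sorted(acts) for arn, acts in found.items()}
```

Running `cross_account_access` on the policy of an existing key shows whether anything beyond Account B, or more than the use and grant actions, was granted.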
Copy the Snapshot and Add KMS key
- Navigate to the RDS snapshot that we looked at at the start of this article.
- Select the snapshot and click Actions, then click Copy snapshot.
- Select the Destination Region. Here I select the same region that we are working in.
- In the New DB Snapshot identifier window, provide a name for your new snapshot.
- Scroll down to the bottom, select the Enable Encryption check box and add the KMS key that we created a few minutes ago.
- Finally, click Copy snapshot to create a new snapshot.
Sharing the RDS snapshot with Account B
- In the Snapshots section, go to the Manual section, where you can see the newly created database snapshot.
- Select the snapshot and click the Actions button.
- Now you are able to see the Share snapshot option. Click it.
Here, enter Account B’s account ID, click Add and then click Save.
Restore the snapshot in Account B
- Log in to the AWS console of Account B.
- Go to RDS, open the Snapshots section and select Shared with me.
- Here you can see the RDS snapshot from Account A.
- Select the snapshot, click Actions and click Copy snapshot.
Enter a name for the new snapshot.
Add the default KMS key and then click Copy snapshot.
Once the snapshot copy is complete, you can find the snapshot under the Manual section.
Select the RDS snapshot, click Actions and click Restore snapshot to create a new RDS database from the snapshot.
This is a simple and secure way to share an RDS database snapshot from one AWS account with another AWS account.