Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Can RDS snapshots be transferred across AWS accounts?

In the time since this question was answered, AWS Tools for Powershell has been released and I basically have the same problem: I have an RDS snapshot on one AWS account that I would like to transfer to another.

So far I've been able to select the snapshot that I want with the Get-RDSDBSnapshot cmdlet, and I'd like to take that Amazon.RDS.Model.DBSnapshot object and use it in the other account.

I've been looking around and I think the Restore-RDSDBInstanceFromDBSnapshot cmdlet (maps to rds-restore-db-instance-from-db-snapshot) might be what I'm looking for, but I'm not confident that I understand its behavior -- can this cmdlet be used to take my snapshot from my first account, and restore it to an instance in the second account?

I'm specifically concerned if there are any account-specific details in a Snapshot object or the handling of the cmdlet that would prevent that data from moving across accounts. I would be okay with a more general solution than powershell, if one exists.

like image 977
Anthony Neace Avatar asked Aug 12 '13 16:08

Anthony Neace


1 Answers

Update 2015/10/29:

AWS has added native support for this functionality since my original posting (link to announcement). This is supported for unencrypted MySQL, Oracle, SQL Server, and PostgreSQL.

You are given the option to share your RDS snapshot publicly, or privately (by managing specific AWS Account IDs with permission to view your snapshot). By default, snapshots can be privately shared with up to 20 accounts.

This can be managed from the RDS console by clicking 'Snapshots (left navigation bar) > Share Snapshot (top toolbar)', which leads you to the following UI:

enter image description here

This is also available in the RDS API and CLI.


Original Answer:

I also posted this to the AWS Developer Forums, and got a response from PhilP@AWS. It seems like we can't do this at all, via powershell or any other means. He did have a couple of alternate suggestions, though:

It's not possible to directly share an RDS Snapshot from one account to another. However I can make a couple of suggestions here (depending on your current configuration):

If your RDS Instance is publicly accessible:

  • Launch a new RDS DB onto your second account
  • Install the appropriate DB management tools onto a PC, and give this PC network access to both RDS instances (security groups and DB user access for read and write)
  • Using the database management tools to copy the data from one DB to the other DB

Copy data through an EC2 instance as an intermediary:

  • Launch an EC2 instance configured with appropriate DB server software
  • Copy the RDS DB Data from your RDS instance up to your EC2 instance
  • Then launch your new RDS instance into the second account
  • Configure appropriate access (security groups and DB user access for read and write)
  • Copy the database data from your EC2 instance to your newly created RDS instance

My RDS instance isn't publicly accessible, and of his suggestions the EC2 solution would be preferable. We could alternate back to using a mysqldump, per the Server Fault solution.

Edit: I wanted to update that I've successfully been able to implement the EC2 intermediary suggestion. This can be automated several ways, but the solution I chose involved passing a bash script to the (linux AMI) EC2 instance as user-data, and the details of data transfer were handled in the script.

This solution ended up being fairly cost-effective, with the caveat that you want the RDS instance and the EC2 instance to be in the same availability zone. This is in large part because data transfer between RDS-EC2 in the same availability zone is free with a private IP address.

like image 119
Anthony Neace Avatar answered Nov 16 '22 02:11

Anthony Neace