AWS re:Postを使用することにより、以下に同意したことになります AWS re:Post 利用規約

Copying RDS Snapshot to another account

0

Scenario

A customer wants to shutdown an AWS account say Account A, however it has RDS/Aurora databases. These databases are encrypted. Prior to shutdown, they want to backup these databases.

My Recommendation:

  • Create manual snapshots of these databases and copy them to backup account i.e. account B. [Within region]
  • For encryption, use a KMS key from account B to encrypt target snapshots.

I have gone through the documentation and can see the only limitation in this scenario is deleting the source snapshot before the copy is complete or target snapshot status is Available. Reference

Questions:

  • Are there any other limitations that I should be aware of in this scenario? I don't want the customer to be surprised when they try to restore using this snapshot after account A has been deleted.
1回答
1
承認された回答

Be very careful with KMS policies and ensure that the final snapshot is encrypted with a key belonging to the target account.

Additionally, you can share this entry from our Knowledge Center with the customer, https://aws.amazon.com/premiumsupport/knowledge-center/share-encrypted-rds-snapshot-kms-key/

AWS
回答済み 4年前
profile picture
エキスパート
レビュー済み 6ヶ月前
profile picture
エキスパート
レビュー済み 8ヶ月前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ