Satya shows you how to
share RDS snapshots
between AWS accounts

satya-rds-snapshots-share-account

How do I share manual Amazon Relational Database Service (Amazon RDS) DB snapshots or DB cluster snapshots with another AWS account?

You can share manual DB snapshots with up to 20 AWS accounts. You can start or stop sharing manual snapshots by using the Amazon RDS console, except for the following limitations:

  • Automated Amazon RDS snapshots can't be shared with other AWS accounts. To share an automated snapshot, copy the snapshot to make a manual version, and then share that copy.
  • Manual snapshots of DB instances that use custom option groups with persistent or permanent options, such as Transparent Data Encryption (TDE) and time zone, can't be shared.
  • Encrypted manual snapshots that don't use the default RDS encryption key can be shared, but you must first share the KMS key with the account that you want to share the snapshot with. To share the key with another account, share the IAM policy with the primary and secondary accounts. Shared encrypted snapshots can't be restored directly from the destination account. First, copy the snapshot to the destination account by using a KMS key in the destination account.
  • Snapshots that use the default RDS encryption key (aws/rds) can be shared, but you must first copy the snapshot and choose a custom encryption key. Then, you can share the custom key and the copied snapshot.
  • Snapshots can be shared across AWS Regions. First share the snapshot, and then copy the snapshot to the same Region in the destination account. Then, you can copy the snapshot to another Region.
  1. Open the Amazon RDS console.
  2. Choose Snapshots from the left navigation pane.
  3. From the drop-down menu, select Manual Snapshots.
  4. Choose the snapshot the manual snapshot that you want to share with another AWS account, choose Actions, and then choose Share Snapshot.
  5. From the Manage Snapshot Permissions pane, choose the DB Snapshot Visibility:
    - Public permits all AWS accounts to restore a DB instance from your manual DB snapshot.
    - Private permits only AWS accounts that you specify to restore a DB instance from your manual DB snapshot.
  6. In the AWS Account ID field, enter the ID of the AWS account that you want to permit to restore a DB instance from your manual DB snapshot, and then choose Add.
    Note: You can repeat this step to share snapshots with up to 20 AWS accounts.
  7. Choose Save.
  8. To stop sharing a snapshot with an AWS Account, select the Delete check box next to the account ID from the Manage Snapshot Permissions pane, and then choose Save.

If you want to restore a DB instance or DB cluster from a shared snapshot by using the AWS Command Line Interface (AWS CLI) or Amazon RDS API, you must specify the full Amazon Resource Name (ARN) of the shared snapshot as the snapshot identifier.


Did this page help you? Yes | No

Back to the AWS Support Knowledge Center

Need help? Visit the AWS Support Center

Published: 2017-07-07

Updated: 2019-03-13