RDS 快照可以跨 AWS 账户传输吗? [英] Can RDS snapshots be transferred across AWS accounts?
问题描述
自从
这也可在 RDS API 和 CLI 中使用.
<小时>原答案:
我也将此发布到 AWS 开发人员论坛,并得到了回复 来自 PhilP@AWS.似乎我们根本无法通过 powershell 或任何其他方式做到这一点.不过,他确实有一些替代建议:
<块引用>无法从一个帐户直接共享 RDS 快照到另一个.但是我可以在这里提出一些建议(取决于在您当前的配置上):
如果您的 RDS 实例可公开访问:
- 在您的第二个帐户上启动一个新的 RDS 数据库
- 在PC上安装合适的DB管理工具,并赋予这台PC对两个RDS实例的网络访问权限(安全组和DB用户读写访问权限)
- 使用数据库管理工具将数据从一个数据库复制到另一个数据库
通过作为中介的 EC2 实例复制数据:
- 启动一个配置了适当数据库服务器软件的 EC2 实例
- 将 RDS 数据库数据从 RDS 实例复制到 EC2 实例
- 然后在第二个帐户中启动您的新 RDS 实例
- 配置适当的访问权限(安全组和数据库用户的读写访问权限)
- 将数据库数据从 EC2 实例复制到新创建的 RDS 实例
我的 RDS 实例不可公开访问,根据他的建议,EC2 解决方案更可取.根据服务器故障解决方案,我们可以改回使用 mysqldump.
我想更新一下,我已经成功地实施了 EC2 中介建议.这可以通过多种方式实现自动化,但我选择的解决方案涉及将 bash 脚本作为用户数据传递到(linux AMI)EC2 实例,并且数据传输的细节在脚本中处理.
该解决方案最终具有相当的成本效益,但需要注意的是,您希望 RDS 实例和 EC2 实例位于同一可用区中.这在很大程度上是因为 同一可用区中的 RDS-EC2 之间的数据传输是免费的 使用私有 IP 地址.
In the time since this question was answered, AWS Tools for Powershell has been released and I basically have the same problem: I have an RDS snapshot on one AWS account that I would like to transfer to another.
So far I've been able to select the snapshot that I want with the Get-RDSDBSnapshot cmdlet, and I'd like to take that Amazon.RDS.Model.DBSnapshot object and use it in the other account.
I've been looking around and I think the Restore-RDSDBInstanceFromDBSnapshot cmdlet (maps to rds-restore-db-instance-from-db-snapshot) might be what I'm looking for, but I'm not confident that I understand its behavior -- can this cmdlet be used to take my snapshot from my first account, and restore it to an instance in the second account?
I'm specifically concerned if there are any account-specific details in a Snapshot object or the handling of the cmdlet that would prevent that data from moving across accounts. I would be okay with a more general solution than powershell, if one exists.
Update 2015/10/29:
AWS has added native support for this functionality since my original posting (link to announcement). This is supported for unencrypted MySQL, Oracle, SQL Server, and PostgreSQL.
You are given the option to share your RDS snapshot publicly, or privately (by managing specific AWS Account IDs with permission to view your snapshot). By default, snapshots can be privately shared with up to 20 accounts.
This can be managed from the RDS console by clicking 'Snapshots (left navigation bar) > Share Snapshot (top toolbar)', which leads you to the following UI:
This is also available in the RDS API and CLI.
Original Answer:
I also posted this to the AWS Developer Forums, and got a response from PhilP@AWS. It seems like we can't do this at all, via powershell or any other means. He did have a couple of alternate suggestions, though:
It's not possible to directly share an RDS Snapshot from one account to another. However I can make a couple of suggestions here (depending on your current configuration):
If your RDS Instance is publicly accessible:
- Launch a new RDS DB onto your second account
- Install the appropriate DB management tools onto a PC, and give this PC network access to both RDS instances (security groups and DB user access for read and write)
- Using the database management tools to copy the data from one DB to the other DB
Copy data through an EC2 instance as an intermediary:
- Launch an EC2 instance configured with appropriate DB server software
- Copy the RDS DB Data from your RDS instance up to your EC2 instance
- Then launch your new RDS instance into the second account
- Configure appropriate access (security groups and DB user access for read and write)
- Copy the database data from your EC2 instance to your newly created RDS instance
My RDS instance isn't publicly accessible, and of his suggestions the EC2 solution would be preferable. We could alternate back to using a mysqldump, per the Server Fault solution.
Edit: I wanted to update that I've successfully been able to implement the EC2 intermediary suggestion. This can be automated several ways, but the solution I chose involved passing a bash script to the (linux AMI) EC2 instance as user-data, and the details of data transfer were handled in the script.
This solution ended up being fairly cost-effective, with the caveat that you want the RDS instance and the EC2 instance to be in the same availability zone. This is in large part because data transfer between RDS-EC2 in the same availability zone is free with a private IP address.
这篇关于RDS 快照可以跨 AWS 账户传输吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
