RDS快照可以跨AWS账户传输吗?
[英]Can RDS snapshots be transferred across AWS accounts?
问题描述
In the time since this question was answered, AWS Tools for Powershell has been released and I basically have the same problem: I have an RDS snapshot on one AWS account that I would like to transfer to another. 
自回答此问题以来,AWS Tools for Powershell已经发布,我基本上遇到了同样的问题:我在一个AWS账户上有一个RDS快照,我希望将其转移到另一个账户。
So far I've been able to select the snapshot that I want with the Get-RDSDBSnapshot cmdlet, and I'd like to take that Amazon.RDS.Model.DBSnapshot object and use it in the other account. 到目前为止,我已经能够使用Get-RDSDBSnapshot cmdlet选择我想要的快照,并且我想获取该Amazon.RDS.Model.DBSnapshot对象并在其他帐户中使用它。
I've been looking around and I think the Restore-RDSDBInstanceFromDBSnapshot cmdlet (maps to rds-restore-db-instance-from-db-snapshot ) might be what I'm looking for, but I'm not confident that I understand its behavior -- can this cmdlet be used to take my snapshot from my first account, and restore it to an instance in the second account? 我一直在环顾四周,我认为Restore-RDSDBInstanceFromDBSnapshot cmdlet(映射到rds-restore-db-instance-from-db-snapshot )可能正是我正在寻找的,但我不相信我理解它行为 - 是否可以使用此cmdlet从我的第一个帐户获取快照,并将其还原到第二个帐户中的实例?
I'm specifically concerned if there are any account-specific details in a Snapshot object or the handling of the cmdlet that would prevent that data from moving across accounts. 我特别关注Snapshot对象中是否存在任何特定于帐户的详细信息,或者是否会阻止该数据跨帐户移动的cmdlet的处理。 I would be okay with a more general solution than powershell, if one exists. 如果存在一个问题,我会使用比PowerShell更通用的解决方案。
2 个解决方案
解决方案1
13 已采纳 2013-08-13 02:49:02
Update 2015/10/29: 2015/10/29更新:
AWS has added native support for this functionality since my original posting ( link to announcement ). 自我的原始发布( 链接到公告 )以来,AWS已为此功能添加了原生支持。 This is supported for unencrypted MySQL, Oracle, SQL Server, and PostgreSQL. 未加密的MySQL,Oracle,SQL Server和PostgreSQL支持此功能。
You are given the option to share your RDS snapshot publicly, or privately (by managing specific AWS Account IDs with permission to view your snapshot). 您可以选择公开或私下共享RDS快照(通过管理具有查看快照权限的特定AWS账户ID)。 By default, snapshots can be privately shared with up to 20 accounts. 默认情况下,快照最多可与最多20个帐户共享。
This can be managed from the RDS console by clicking 'Snapshots (left navigation bar) > Share Snapshot (top toolbar)', which leads you to the following UI: 这可以通过单击“快照(左侧导航栏)>共享快照(顶部工具栏)”从RDS控制台进行管理,从而引导您进入以下UI:
This is also available in the RDS API and CLI. 这也可以在RDS API和CLI中使用。
Original Answer: 原答案:
I also posted this to the AWS Developer Forums, and got a response from PhilP@AWS. 我还将此发布到AWS开发者论坛,并得到了PhilP @ AWS的回复 。 It seems like we can't do this at all, via powershell or any other means. 似乎我们根本无法通过powershell或任何其他手段来做到这一点。 He did have a couple of alternate suggestions, though: 不过,他确实提出了一些备选建议:
It's not possible to directly share an RDS Snapshot from one account to another.
If your RDS Instance is publicly accessible:
- Launch a new RDS DB onto your second account
- Install the appropriate DB management tools onto a PC, and give this PC network access to both RDS instances (security groups and DB user access for read and write)
- Using the database management tools to copy the data from one DB to the other DB
Copy data through an EC2 instance as an intermediary:
- Launch an EC2 instance configured with appropriate DB server software
- Copy the RDS DB Data from your RDS instance up to your EC2 instance
- Then launch your new RDS instance into the second account
- Configure appropriate access (security groups and DB user access for read and write)
- Copy the database data from your EC2 instance to your newly created RDS instance
My RDS instance isn't publicly accessible, and of his suggestions the EC2 solution would be preferable. 我的RDS实例无法公开访问,而且他的建议是EC2解决方案更可取。 We could alternate back to using a mysqldump, per the Server Fault solution. 根据服务器故障解决方案,我们可以交替使用mysqldump。
Edit: I wanted to update that I've successfully been able to implement the EC2 intermediary suggestion. 编辑:我想更新我已成功实施EC2中介建议。 This can be automated several ways, but the solution I chose involved passing a bash script to the (linux AMI) EC2 instance as user-data, and the details of data transfer were handled in the script. 这可以通过多种方式实现自动化,但我选择的解决方案包括将bash脚本作为用户数据传递给(linux AMI)EC2实例,并在脚本中处理数据传输的详细信息。
This solution ended up being fairly cost-effective, with the caveat that you want the RDS instance and the EC2 instance to be in the same availability zone. 此解决方案最终具有相当的成本效益,但需要注意的是您希望RDS实例和EC2实例位于同一可用区中。 This is in large part because data transfer between RDS-EC2 in the same availability zone is free with a private IP address. 这在很大程度上是因为在同一可用区域中RDS-EC2之间的数据传输是免费的 ,具有私有IP地址。
解决方案2
0 2016-03-12 17:33:46
Amazon finally made it possible to accomplish this. 亚马逊终于有可能实现这一目标。 You can share the snapshot with another account using the Edit-RDSDBSnapshotAttribute cmdlet ( example here ), then you can restore it to an account the snapshot was shared with using the Restore-RDSDBInstanceFromDBSnapshot cmdlet. 您可以使用Edit-RDSDBSnapshotAttribute cmdlet( 此处为示例 )与其他帐户共享快照,然后可以使用Restore-RDSDBInstanceFromDBSnapshot cmdlet将其还原到共享快照的帐户。
You can even share encrypted snapshots now. 您甚至可以立即共享加密的快照。 Here's a good walkthrough on how to do that. 这是关于如何做到这一点的一个很好的演练 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.