This project provides an easy way to share RDS snapshots between aws accounts.
Just run this command
docker run gianrubio/aws-share-rds-snapshot --src-secret-access-key=A... \
--src-access-key-id=AKI... \
--dest-account-id=213... \
--dest-access-key-id=AKI.... \
--dest-secret-access-key=B... \
--dest-region=eu-west-1 \
--src-region=eu-west-1 \
--db-name=prod,preprod
--src-account-id=752...
--retention-time=6014800
- Snapshot an instance from the aws source account,
- Share this snapshot to the aws destination account
- Copy this backup in the destination account
- Delete generated snapshots in both account
- Delete snapshots older than
retention-timeargument
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"rds:CopyDBSnapshot",
"rds:DeleteDBSnapshot",
"rds:DescribeDBSnapshots"
],
"Resource": [
"*"
]
}
]
}
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"rds:CreateDBSnapshot",
"rds:DeleteDBSnapshot",
"rds:ModifyDBSnapshotAttribute",
"rds:DescribeDBSnapshots"
],
"Resource": [
"*"
]
}
]
}
There's a cronjob example to run on k8s. Fill your secrets (base64) on k8s/secrets.yaml, edit k8s/job.yaml and apply the changes.
$ kubectl apply -f k8s/