amazon web services - Copy encrypted EBS snapshot to another account -
i'm trying copy encrypted ebs instance 1 aws account part of disaster recovery process. i'm hoping has done before, i'm looking clever way approach it. big problem seems encryption keys. i've been able create k8s pod "backup" automatically when introducing encryption seems break because can't find key.
one more note, i've familiarized myself sharing process, ebs shared different account form account copy , forth - found few posts here nothing similar i'm looking for.
advanced thanks.
when create encrypted ebs volume, want specify custom encryption key. key can shared across regions/accounts.
you must use custom key if want copy snapshot account
when start copy operation can specify new key. according aws:
using new key copy provides additional level of isolation between 2 accounts. part of copy operation, data re-encrypted using new key.
please review https://aws.amazon.com/blogs/aws/new-cross-account-copying-of-encrypted-ebs-snapshots/
wiki
Comments
Post a Comment