How to Copy Data to Another AWS Account

n2esAWS EBS offers persistent block level storage that is used with Amazon Elastic Compute Cloud (Amazon EC2) instances for persistent data storage. Additionally, EBS offers the option to create point-in-time snapshots that are ideally used to back up and restore data to achieve DR capabilities.

If an AWS account owner wants to share data with another AWS account user, the account owner can share snapshots with the other AWS account. This is done by modifying snapshot permission attributes, which requires the AWS account ID of the other user. Users can obtain their AWS account IDs from their AWS account section.  The other AWS account owner that you shared the snapshots with can create a new EBS volume in their AWS account, enabling them to have all of data from your EBS volume in their account.

It is important to note that users can share only unencrypted snapshots since encryption keys differ per AWS account.

In this article, we will show you how to share snapshots (EBS volume data backup) with other AWS account owners by modifying snapshot attributes.

  1. In the example below, we used a Windows 2012 instance with the following data:
    n2ws
  2. Next, create a snapshot from the previously created volume:
    n2wsUsing the AWS CLI
    aws ec2 create-snapshot –volume-id vol-5be6ff47 –description “This is my data volume snapshot.”
    n2ws
  3. In order to share your snapshot with another AWS account, select ‘Modify Snapshot Permissions’ under the ‘Actions’ tab in your AWS console and enter the appropriate AWS account number.
    n2ws(Note: An AWS account ID is a 12-digit numeric code that you can find in your AWS account settings. Please refer to the following wizard for more details).
    n2ws
    Using the CLI [Modify Attribute]
    aws ec2 modify-snapshot-attribute –snapshot-id snap-1529153f –attribute createVolumePermission –operation add –user-ids xxxxxxxxxx38
    n2ws
  4. You can see if the snapshot was successfully shared with the other AWS account by logging into the other account and filtering according to ‘Private Snapshots’ and ‘Snapshot ID’.
    n2wsUsing the CLI
    llll aws ec2 describe-snapshots –snapshot-id snap-1529153f
    n2ws(Note: The step above requires you to change your credentials to those of the AWS account that you shared the snapshots.)
    n2ws
  5. Now create a volume from the shared snapshot:
    n2ws
    Using the CLI
    aws ec2 create-volume –size 1 –region us-west-1 –availability-zone us-west-1a –volume-type gp2 –snapshot snap-079094c2
    n2ws
  6. We have attached the new volume to an EC2 instance in the targeted account. In the following wizard, you can see that the data from the original AWS account is available in the target AWS account’s volume.
    n2ws

This article demonstrates how to copy data from one account to another account by sharing snapshots with a targeted account. It’s important to note that sharing snapshots is more secure, fast and cost-effective when compared to copying data using SCP or any other copy command from one account to another.  It’s also important to note that when you share snapshots, all of the data on your EBS volume is shared with the other account. This may include secure data such as (kets, log files, etc.) so it’s important to remove secure content that you don’t want to share with the other user.

N2Ws offers a solution that enables you to further simplify the process of using snapshots. Cloud Protection Manager (CPM) is an enterprise-class backup-recovery and disaster recovery solution for the EC2 compute cloud. CPM is available as a service model that allows users to manage multiple AWS accounts and configure policies and schedules to take automated snapshot backups. It also has a Windows agent to consistently back up Windows applications. CPM allows you to recover a volume from a snapshot, increase its size and switch it with an existing attached volume, in a single step. To see the different editions with pricing and details, refer to our pricing page.

Share this post →

You might also like: