Enabling Cross-Account Sharing of an Amazon RDS Snapshot Copy to the Same or a Different Region


On this page

You can share Amazon RDS snapshots to a different AWS account by copying the snapshot to the target geographic region, and then by sharing the copied snapshot cross account. Tags attached to the source snapshot are not copied to the destination account or to a regional snapshot copy.

To copy the snapshots, you must map the source region to the target region. If you don't map the source region to the target region, by default, the target region is mapped to be the same region as the source region of the snapshot.


  • Replication of a snapshot from the same region to the same or a different region.

  • Share a snapshot to a different account. If you are sharing encrypted snapshots, the KMS key must be shared with the target account.

  • Aurora database cluster snapshot.

  • Snapshot of an encrypted RDS instance that uses the KMS key encryption is supported by using an account that has a secret key/access key or an IAM role.

    To replicate a copy of encrypted RDS snapshots, the user can either have a key with alias cvlt-rds or cvlt-master at the destination region. If the user is using the key with a different alias, then the user must create a tag for the KMS key with the tag name cvlt-rds or cvlt-master at the destination region.

    Note: IAM user must be added as a key user for the KMS key used for the destination region.


  1. From the navigation pane, go to Protect > Databases.

    The Instances page appears.

  2. Click the instance.

    The instance page appears.

  3. In the Instance groups section, click the instance group for which you want to enable cross-account sharing.

    The instance group properties page appears.

  4. In the Snapshot section, complete the following steps:

    1. Move the Replication toggle key to the right.

      The Add a region mapping page appears. The region mapping information initially displayed is inherited from the plan, but you can modify it.

    2. From the Source region and Destination region lists, select a source AWS region and a target AWS region.

      You can map only one destination region to each configured source region per instance group.

    3. Click OK.

    4. Move the Cross account operations toggle to the right.

      The Cross account operations page appears.

    5. For Choose action, click the Share only button.

    6. From the Destination account list, select the account.

    7. Click OK.

  5. Perform an auxiliary copy operation.