Questo contenuto non è disponibile nella lingua selezionata

Lavoriamo costantemente per rendere disponibili i contenuti nella lingua selezionata. Ti ringraziamo per la comprensione.

How do I modify permissions for multiple Amazon RDS snapshots?

2 minuti di lettura

I want to modify the permissions for multiple Amazon Relational Database Service (Amazon RDS) snapshots.

Short description

To modify permissions for multiple Amazon RDS snapshots, use the AWSSupport-ModifyRDSSnapshotPermission runbook. This runbook allows you to make your RDS snapshots public or private and share them with other AWS accounts.

Note: You can't use the runbook to share encrypted snapshots that have a default AWS Key Management System (AWS KMS).

Resolution

Prerequisites

Before you run the automation, make sure that your AWS Identity and Access Management (IAM) user or the role has required permissions. For more information, see AWSSupport-ModifyRDSSnapshotPermission.

Note: To share an encrypted snapshot with another account, share the AWS KMS key with the destination account.

Run the Systems Manager automation runbook

Complete the following steps:

Open the AWS Systems Manager console.
In the navigation pane, choose Documents.
In the search bar, enter AWSSupport-ModifyRDSSnapshotPermission (Owner: Amazon).
Select the AWSSupport-ModifyRDSSnapshotPermission document.
Choose Execute automation.
For the input parameters, enter the following:
SnapshotIds: The IDs of Amazon RDS snapshots that you want to share or modify the permissions of.
Private: Choose No to share the snapshot with specific account IDs.
AutomationAssumeRole (optional): The Amazon Resource Name (ARN) of the IAM role that allows Systems Manager Automation to perform the actions on your behalf. If you don't specify a role, then Systems Manager Automation uses the permissions of the user that runs the document.
AccountIds (optional): The list of account IDs for accounts that you want to share the snapshot with.
AccountPermissionOperation (optional): Account-level permissions. Choose add, remove or none.
Choose Execute.
Review the Outputs section for detailed results:
MakePrivate.Results: If you chose Yes for Private, then this field includes the SnapshotID and result of the operation.
SharedOtherAccounts.Result: If you chose AccountPermissionOperation, then this field includes the result of the operation.
MakePrivate.Commands: This field includes the command that the runbook used to modify the permissions of the RDS snapshot.
ValidateSnapshots.EncryptedSnapshots: This field lists the encrypted snapshots that are passed as inputs to share with other accounts.