Copying a DB Cluster Snapshot - Amazon Neptune
LimitationsSnapshot Copy RetentionEncryptionCross-Region Snapshot CopyingCopying a Snapshot on the ConsoleCopying a Snapshot with the AWS CLI

Copying a DB Cluster Snapshot

With Neptune, you can copy automated or manual DB cluster snapshots. After you copy a snapshot, the copy is a manual snapshot.

Copying an automated snapshot to another AWS account is a two-step process: First, you create a manual snapshot from the automated snapshot, and then you copy the manual snapshot to the other account.

As an alternative to copying, you can also share manual snapshots with other AWS accounts. For more information, see Sharing a DB Cluster Snapshot.

Limitations on Copying a Snapshot

The following are some limitations when you copy snapshots:

  • If you delete a source snapshot before the target snapshot becomes available, the snapshot copy might fail. Verify that the target snapshot has a status of AVAILABLE before you delete a source snapshot.

Retention of DB Cluster Snapshot Copies

Neptune deletes automated snapshots as follows:

  • At the end of their retention period.

  • When you disable automated snapshots for a DB cluster.

  • When you delete a DB cluster.

If you want to keep an automated snapshot for a longer period, copy it to create a manual snapshot, which is then retained until you delete it. Neptune storage costs might apply to manual snapshots if they exceed your default storage space.

Handling Encryption When Copying Snapshots

You can copy a snapshot that has been encrypted using an AWS KMS encryption key. If you copy an encrypted snapshot, the copy of the snapshot must also be encrypted. You can encrypt the copy with the same AWS KMS encryption key as the original snapshot, or you can specify a different AWS KMS encryption key.

You cannot encrypt an unencrypted DB cluster snapshot when you copy it.

For Amazon Neptune DB cluster snapshots, you can also leave the DB cluster snapshot unencrypted and instead specify a AWS KMS encryption key when restoring. The restored DB cluster is encrypted using the specified key.

Copying Snapshots Across AWS Regions

Note

This feature is available starting in Neptune engine release 1.0.2.1.

Important

Copying a DB Cluster Snapshot Using the Console

If your source database engine is Neptune, then your snapshot is a DB cluster snapshot. For each AWS account, you can copy up to five DB cluster snapshots at a time per AWS Region. Copying both encrypted and unencrypted DB cluster snapshots is supported.

To cancel a copy operation after it is in progress, delete the target DB cluster snapshot while that DB cluster snapshot is in copying status.

The following procedure works for copying encrypted or unencrypted DB cluster snapshots:

To copy a DB cluster snapshot

  1. Sign in to the AWS Management Console, and open the Amazon Neptune console at https://console.aws.amazon.com/neptune/home.

  2. In the navigation pane, choose Snapshots.

  3. Select the check box for the DB cluster snapshot you want to copy.

  4. Choose Actions, and then choose Copy Snapshot. The Make Copy of DB Snapshot page appears.

  5. Enter the name of the DB cluster snapshot copy in New DB Snapshot Identifier.

  6. To copy tags and values from the snapshot to the copy of the snapshot, choose Copy Tags.

  7. For Enable Encryption, choose one of the following options:

    • Choose Disable encryption if the DB cluster snapshot isn't encrypted and you don't want to encrypt the copy.

    • Choose Enable encryption if the DB cluster snapshot isn't encrypted but you want to encrypt the copy. In this case, for Master Key, specify the AWS KMS key identifier to use to encrypt the DB cluster snapshot copy.

    • Choose Enable encryption if the DB cluster snapshot is encrypted. In this case, you must encrypt the copy, so Yes is already selected. For Master Key, specify the AWS KMS key identifier to use to encrypt the DB cluster snapshot copy.

  8. Choose Copy Snapshot.

Copying a DB Cluster Snapshot Using the AWS CLI

You can copy a DB snapshot using the copy-db-cluster-snapshot AWS CLI command.

If you are copying the snapshot to a new AWS Region, run the command in the new Region.

Use the following parameter descriptions and examples to determine which parameters to use in copying a snapshot with the AWS CLI.

  • --source-db-cluster-snapshot-identifier   –   The identifier for the source DB snapshot.

    • If you are copying from a shared manual DB snapshot, this parameter must be the Amazon Resource Name (ARN) of the shared DB snapshot.

    • If you are copying an encrypted snapshot, this parameter must be in the ARN format for the source AWS Region, and must match the SourceDBSnapshotIdentifier in the PreSignedUrl parameter.

  • --target-db-cluster-snapshot-identifier –   –   The identifier for the new copy of the encrypted DB snapshot.

  • --kms-key-id –   –   The AWS KMS key ID for an encrypted DB snapshot. The AWS KMS key ID is the Amazon Resource Name (ARN), AWS KMS key identifier, or the AWS KMS key alias for the AWS KMS encryption key.

    • If you copy an encrypted DB snapshot from your AWS account, you can specify a value for this parameter to encrypt the copy with a new AWS KMS encryption key. If you don't specify a value for this parameter, then the copy of the DB snapshot is encrypted with the same AWS KMS key as the source DB snapshot.

    • You cannot use this parameter to create an encrypted copy of an unencrypted snapshot. Trying to do so will generate an error.

Example From Unencrypted, To Same Region

The following code creates a copy of a snapshot, with the new name mydbsnapshotcopy, from the us-east-1 AWS region to the us-west-2 region.

For Linux, OS X, or Unix:

aws neptune copy-db-cluster-snapshot \
  --source-db-cluster-snapshot-identifier instance1-snapshot-20130805 \
  --target-db-cluster-snapshot-identifier mydbsnapshotcopy

For Windows:

aws neptune copy-db-cluster-snapshot ^
  --source-db-cluster-snapshot-identifier instance1-snapshot-20130805 ^
  --target-db-cluster-snapshot-identifier mydbsnapshotcopy