Ping a Specific Port

Question

Steve Rukuts

Asked: 2016-08-23 13:14:33 +0800 CST2016-08-23 13:14:33 +0800 CST 2016-08-23 13:14:33 +0800 CST

Can I now replicate an encrypted RDS instance to another region?

772

RDS offers encryption at rest, but this is incompatible with cross-region replication. The documentation states:

Because KMS encryption keys are specific to the region that they are created in, you cannot copy an encrypted snapshot from one region to another or replicate encrypted DB instances across regions.

However, it is now possible to upload a custom KMS master key. If I generate my own master key and upload it to both eu-west-1 and eu-central-1, is it possible to is it possible to replicate an encrypted RDS instance across regions?

The documentation does not say anything about this scenario. It's possible that it's now technically possible but the API does not permit it.

1 Answers

Voted

Steve Rukuts · Answer 1 · 2016-08-25T01:02:09+08:00

Steve Rukuts

2016-08-25T01:02:09+08:002016-08-25T01:02:09+08:00

I asked this question on the AWS forums, and got an answer from someone at Amazon:

As you noted, this is now technically possible but the RDS API does not yet support it. We are working on it but have not announced a release date. Stay tuned.

This is excellent news - soon we won't have to choose between one or the other.

1

Can I now replicate an encrypted RDS instance to another region?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?