I am trying to copy or share the DocumentDB cluster from one AWS account to other, but the existing cluster is encrypted so I am not able to do share it with other accounts, so is there any way we can make existing cluster unencrypted and then share it to the other account?
Unable to share encrypted DocumentDB cluster snapshot to diffrent AWS account for same region
423 views Asked by Gaurav Takte At
2
There are 2 answers
3

I believe this will be as a result of the following limitation for DocumentDB (and other services).
You can't share a snapshot that has been encrypted using the default AWS KMS encryption key of the account that shared the snapshot.
When you create a snapshot make sure to select a custom encryption key, and ensure you grant access to the account you intend to share to via the key policy.
More information is available in the Sharing Amazon DocumentDB Cluster Snapshots documentation.
The recommended approach is to do a cross-region copy of your snapshot using a KMS key from the other region.
If you still want to follow the unencrypted approach, you will need to create an unencrypted cluster and restoring data from the encrypted one with a dump.