Steven Noble | Tue, 09 Jul 2019
It's one thing to automatically snapshot your EC2 instances, to encrypt them, and to automatically copy them to the other side of the Earth in case an entire AWS region is affected by a natural or technical disaster. These are all important measures that our users have put in place using GorillaStack.
But what if the one AWS account owns the original EC2 instance, the snapshot, and the snapshot copy? In that scenario, it is much easier for an employee to destroy a crucial part of your business before they tell you to "take this job and shove it".
Your final line of defense should be having a copy of each snapshot in a separate Disaster Recovery (DR) account that is protected with with its own protocols, and where copied snapshots are re-encrypted with their own DR-only key. GorillaStack now lets you automate the process of copying your snapshots to a DR account in this way.
Our docs walk you through the process of providing the main AWS account and the DR account with the absolute minimum set of permissions required to make this cross-account bunkering possible. And our Copy EBS Snapshots action then takes care of the rest, automatically copying your EBS snapshots to your DR account according to your rules.