amazon-web-services, aws-elasticsearch

How to move AWS Elasticsearch into another account


I'm moving all the instances under each service from old AWS account into new AWS account. I've found ways to move EC2 and RDS into another account.

  • To move an EC2 instance, I have created an AMI and shared it with the new AWS account. Using that image, I've created an instance.
  • To move an RDS instance, I've created a snapshot and shared it with the new AWS account. I've restored the shared snapshot in the new account.

Now I need to move Elasticsearch from the old account to the new one. I wasn't able to figure out a way to move my Elasticsearch. Can anyone help me with this?


Solution

  • Create a role with Elasticsearch permission. You may also use the existing role with the following trust relationship,

    {
      "Effect": "Allow",
      "Principal": {
        "Service": "es.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
    

    Grant iam:PassRole to the IAM user whose access/secret keys will be used to take the snapshot.

    {
      "Version": "2012-10-17",
      "Statement": {
        "Effect": "Allow",
        "Action": "iam:PassRole",
        "Resource": "arn:aws:iam::accountID:role/TheServiceRole"
      }
    }
    

    Change the access & secret key, host, region, path, and payload in the below code and execute it.

    import requests
    from requests_aws4auth import AWS4Auth
    
    AWS_ACCESS_KEY_ID=''
    AWS_SECRET_ACCESS_KEY=''
    region = 'us-west-1'
    service = 'es'
    
    awsauth = AWS4Auth(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, region, service)
    host = 'https://elasticsearch-domain.us-west-1.es.amazonaws.com/' # include https:// and trailing /
    
    # REGISTER REPOSITORY
    path = '_snapshot/my-snapshot-repo' # the Elasticsearch API endpoint
    url = host + path
    
    payload = {
      "type": "s3",
      "settings": {
        "bucket": "s3-bucket-name",
        "region": "us-west-1",
        "role_arn": "arn:aws:iam::accountID:role/TheServiceRole"
      }
    }
    
    headers = {"Content-Type": "application/json"}
    r = requests.put(url, auth=awsauth, json=payload, headers=headers) # requests.get, post, put, and delete all have similar syntax
    print(r.text)
    

    To take the snapshot and store it in S3:

    path = '_snapshot/my-snapshot-repo/my-snapshot'
    url = host + path
    r = requests.put(url, auth=awsauth)
    print(r.text)
    

    Now the snapshot is ready. Share this snapshot with the other account and use the same code with the new account's keys and endpoint to restore it, using the code snippet below.

    To restore all indices from the snapshot:

    path = '_snapshot/my-snapshot-repo/my-snapshot/_restore'
    url = host + path
    r = requests.post(url, auth=awsauth)
    print(r.text)
    

    To restore a single index from the snapshot:

    path = '_snapshot/my-snapshot-repo/my-snapshot/_restore'
    url = host + path
    payload = {"indices": "my-index"}
    headers = {"Content-Type": "application/json"}
    r = requests.post(url, auth=awsauth, json=payload, headers=headers)
    print(r.text)
    

    Reference: AWS docs.
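
The two IAM documents in the answer above decide who can hand the snapshot role to the Elasticsearch domain, so they are worth checking before they are attached. The following is an added example, not code from the answer or from AWS: a small offline linter that confirms the trust relationship names only `es.amazonaws.com` and that `iam:PassRole` is scoped to the one role ARN rather than a wildcard. The function names, the finding messages and the account ID `123456789012` are assumptions made for illustration; `Condition`, `NotAction` and wildcard action patterns are not evaluated.

```python
# Added example (not from the answer); sample values below are constructed.
ES_SERVICE = "es.amazonaws.com"

def _as_list(value):
    """IAM accepts one value or a list; normalise to a list (None -> [])."""
    return [] if value is None else value if isinstance(value, list) else [value]

def _allow_statements(policy, wanted):
    """Yield Allow statements (full document or bare statement) granting an action in `wanted`."""
    for st in _as_list(policy.get("Statement", policy)):
        if st.get("Effect") == "Allow" and set(_as_list(st.get("Action"))) & wanted:
            yield st

def audit_trust_policy(policy):
    """Findings for the snapshot role's trust relationship."""
    findings, trusted = [], False
    for st in _allow_statements(policy, {"sts:AssumeRole", "sts:*", "*"}):
        principal = st.get("Principal")
        if not isinstance(principal, dict):  # e.g. "Principal": "*"
            findings.append(f"non-service principal can assume the role: {principal!r}")
            continue
        for kind, names in principal.items():
            for name in _as_list(names):
                if (kind, name) == ("Service", ES_SERVICE):
                    trusted = True
                else:
                    findings.append(f"unexpected trusted principal: {kind}={name}")
    if not trusted:
        findings.append(f"{ES_SERVICE} cannot assume the role")
    return findings

def audit_passrole_policy(policy, role_arn):
    """Findings for the IAM user's iam:PassRole grant."""
    findings, granted = [], False
    for st in _allow_statements(policy, {"iam:PassRole", "iam:*", "*"}):
        for res in _as_list(st.get("Resource")):
            if res == role_arn:
                granted = True
            else:
                findings.append(f"iam:PassRole is broader than needed: {res}")
    if not granted:
        findings.append(f"iam:PassRole is not granted on exactly {role_arn}")
    return findings

if __name__ == "__main__":
    # Constructed sample: placeholder account ID, wildcard Resource.
    role = "arn:aws:iam::123456789012:role/TheServiceRole"
    loose = {"Statement": {"Effect": "Allow", "Action": "iam:PassRole", "Resource": "*"}}
    print(audit_passrole_policy(loose, role))
```

An empty list from both functions means the documents match the shape shown in the answer; any finding names the principal or resource that goes beyond it.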